Lucene search
K

8 matches found

Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.12 views

PT-2026-20815

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting unsanitized input through the NTP SERVER LIST parameter. Attackers can send POST requests to the /korugan/time endpoint with script payloads in the NT...

6.1CVSS5.6AI score0.0033EPSS
Exploits1References4
CVE
CVE
added 2026/02/06 6:32 a.m.15 views

CVE-2026-2000

CVE-2026-2000 affects DCN DCME-320 Web Management Backend. The vulnerability is in apply_config() handling of the ip_list argument in /function/system/basic/bridge_cfg.php, where manipulation leads to command injection. It is remotely exploitable and exploits have been published. Public reports (...

7.2CVSS5AI score0.17152EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2025/11/20 12:0 a.m.5 views

Tenda AC21 安全漏洞

Tenda AC21 is a dual-band Gigabit wireless router launched by Tenda Technology, designed for home high-speed Internet needs, supporting 802.11acwave2 technology, dual-band concurrent rate up to 2033Mbps, of which the 5GHz band rate up to 1733Mbps, to meet the high-bandwidth applications, such as ...

4.3CVSS7.3AI score0.00258EPSS
Exploits1References2
OSV
OSV
added 2025/10/27 6:31 p.m.19 views

GHSA-WQ2G-R956-J8CC pg8000 SQL injection vulnerability via a specially crafted Python list input

SQL injection vulnerability in tlocke pg8000 1.31.4 allows remote attackers to execute arbitrary SQL commands via a specially crafted Python list input to function pg8000.native.literal...

9.3CVSS6.2AI score0.00328EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/10/27 12:0 a.m.8 views

pg8000 安全漏洞

pg8000 is a PostgreSQL database driver by tlocke individual developers. A security vulnerability exists in pg8000 version 1.31.4, which stems from not properly handling Python list input and could lead to an SQL injection attack...

9.6CVSS7.4AI score0.00328EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/10/27 12:0 a.m.3 views

CVE-2025-61385

SQL injection vulnerability in tlocke pg8000 1.31.4 allows remote attackers to execute arbitrary SQL commands via a specially crafted Python list input to function pg8000.native.literal...

8.2AI score0.00328EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2023/02/09 9:51 a.m.2 views

OpenSSL Fixes Multiple New Security Flaws with Latest Update

The OpenSSL Project has released fixes to address several security flaws, including a high-severity bug in the open source encryption toolkit that could potentially expose users to malicious attacks. Tracked as CVE-2023-0286, the issue relates to a case of type confusion that may permit an...

7.5CVSS7.5AI score0.59501EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2014/10/13 9:6 p.m.4 views

libXi: Sign extension issues resulting in heap-based buffer overflow

A buffer overflow flaw was found in the way the XListInputDevices function of X.Org X11's libXi runtime library handled signed numbers. A malicious X11 server could possibly use this flaw to execute arbitrary code with the privileges of the user running an X11 client...

6.8CVSS7.7AI score0.01876EPSS
Exploits0References5
Rows per page
Query Builder