Lucene search
K

8 matches found

Debian CVE
Debian CVE
added 2026/06/26 3:27 p.m.5 views

CVE-2026-12411

Broken Access Control in the devLXDInstancePatchHandler component of Canonical LXD allows an untrusted guest to mount, read, and overwrite another guest's custom storage volume via a crafted device PATCH request over /dev/lxd when security.devlxd.management.volumes is enabled...

9.6CVSS5.8AI score0.00209EPSS
Exploits1
NVD
NVD
added 2025/09/25 8:15 p.m.7 views

CVE-2025-10964

A weakness has been identified in Wavlink NU516U1. Affected by this vulnerability is the function sub401B30 of the file /cgi-bin/firewall.cgi. This manipulation of the argument remoteManagementEnabled causes command injection. The attack can be initiated remotely. The exploit has been made...

8.8CVSS0.06807EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/09/25 7:32 p.m.14 views

CVE-2025-10964 Wavlink NU516U1 firewall.cgi sub_401B30 command injection

A weakness has been identified in Wavlink NU516U1. Affected by this vulnerability is the function sub401B30 of the file /cgi-bin/firewall.cgi. This manipulation of the argument remoteManagementEnabled causes command injection. The attack can be initiated remotely. The exploit has been made...

6.5CVSS0.06807EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/09/25 12:0 a.m.7 views

PT-2025-39442

Name of the Vulnerable Software and Affected Versions Wavlink NU516U1 affected versions not specified Description A flaw exists in the Wavlink NU516U1 device. The issue is related to the manipulation of the remoteManagementEnabled argument within the sub 401B30 function of the /cgi-bin/firewall.c...

6.5CVSS6.3AI score0.06807EPSS
Exploits1References9
RedhatCVE
RedhatCVE
added 2025/05/23 2:34 a.m.8 views

CVE-2023-1874

The WP Data Access plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.3.7. This is due to a lack of authorization checks on the multiplerolesupdate function. This makes it possible for authenticated attackers, with minimal permissions such as a...

8.8CVSS6AI score0.02726EPSS
Exploits3References1
OSV
OSV
added 2019/04/02 6:30 p.m.4 views

CVE-2019-7475

A vulnerability in SonicWall SonicOS and SonicOSv with management enabled system on specific configuration allow unprivileged user to access advanced routing services. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8...

9.8CVSS5.8AI score0.01392EPSS
Exploits0References1
SonicWall
SonicWall
added 2019/04/01 8:0 p.m.9 views

SonicOS Unprivileged User Access ARS

A vulnerability in SonicOS with management enabled system on specific configuration allow unprivileged user to access advanced routing services. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8,...

10CVSS6.8AI score0.01392EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2017/10/26 12:0 a.m.5 views

The vulnerability of the Internet Key Exchange version 2 (IKEv2) module in Cisco IOS and Cisco IOS XE operating systems allows a attacker to cause a service failure and a device restart.

The vulnerability of the Internet Key Exchange version 2 IKEv2 in Cisco IOS and Cisco IOS XE operating systems is related to resource management errors. Exploiting this vulnerability can allow a malicious actor to cause service failure and forced restarts of devices by using specially crafted IKE...

7.8CVSS7.2AI score0.06938EPSS
Exploits0References5Affected Software2
Rows per page
Query Builder