Lucene search
K

70 matches found

Positive Technologies
Positive Technologies
added 2023/11/30 12:0 a.m.11 views

PT-2023-9116 · Tenda · Tenda I6

Name of the Vulnerable Software and Affected Versions: Tenda i6 version 1.0.0.83856 Description: The issue is related to a buffer overflow vulnerability in the Wi-Fi router's microprogram, specifically in the /goform/WifiMacFilterSet component. This vulnerability can be exploited by a remote...

7.8CVSS7.6AI score0.0077EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2023/10/19 12:0 a.m.5 views

PT-2023-6361 · Connectize · Connectize Ac21000 G6

Name of the Vulnerable Software and Affected Versions: Connectize AC21000 G6 version 641.139.1.1256 Description: The issue is related to a Cross Site Scripting XSS vulnerability that allows attackers to run arbitrary code via a crafted string when setting the Wi-Fi password in the admin panel. Th...

9.8CVSS6.8AI score0.00726EPSS
Exploits1References14
Positive Technologies
Positive Technologies
added 2023/09/11 12:0 a.m.9 views

PT-2024-14770

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to an unintentional integer overflow in the Linux kernel, specifically in the drm/mediatek component. The problem arises from multiplying two variables of different...

5.5CVSS5.8AI score0.00239EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2023/08/22 12:0 a.m.5 views

PT-2023-11505 · Exempi +6 · Exempi +6

Name of the Vulnerable Software and Affected Versions: exempi versions 2.5.0 and earlier Description: The issue allows remote attackers to cause a denial of service via the opening of crafted webp files. This is due to a Buffer Overflow vulnerability in the WEBP Support.cpp file. Recommendations:...

9.3CVSS5.9AI score0.05409EPSS
Exploits2References85
Positive Technologies
Positive Technologies
added 2023/06/13 12:0 a.m.5 views

PT-2023-22182 · Unknown · Frenic Rhc Loader

Name of the Vulnerable Software and Affected Versions: FRENIC RHC Loader version 1.1.0.3 Description: An out-of-bound reads issue exists, potentially allowing disclosure of sensitive system information or execution of arbitrary code when a specially crafted FNE file is opened. Recommendations: Fo...

7.8CVSS7.6AI score0.00204EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/05/30 12:0 a.m.3 views

PT-2023-19179 · Joomla · Joomla!

Name of the Vulnerable Software and Affected Versions: Joomla! versions 4.2.0 through 4.3.1 Description: The issue is related to the lack of rate limiting, which allows brute force attacks against Multi-Factor Authentication MFA methods. MFA is a security process that requires a user to provide t...

7.5CVSS6.9AI score0.0056EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/04/29 12:0 a.m.6 views

PT-2023-2944 · Fs · Fs S3900-24T4S

Name of the Vulnerable Software and Affected Versions: FS S3900-24T4S affected versions not specified Description: The issue is related to insufficient access control in the software of FS S3900-24T4S switches. It allows a remote attacker to escalate their privileges and reset the admin password...

8.8CVSS7.1AI score0.05343EPSS
Exploits4References6
Positive Technologies
Positive Technologies
added 2023/01/03 12:0 a.m.5 views

PT-2023-15523 · V-Server · V-Server

Name of the Vulnerable Software and Affected Versions: V-Server versions 4.0.12.0 and earlier Description: A stack-based buffer overflow issue allows a local attacker to obtain information and/or execute arbitrary code by having a user open a specially crafted project file. Recommendations: For...

7.8CVSS8AI score0.00253EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/09/14 12:0 a.m.5 views

PT-2022-23368 · Osu Open Source · Vncauthproxy

Name of the Vulnerable Software and Affected Versions: OSU Open Source Lab VNCAuthProxy versions 1.1.1 and earlier Description: The issue is an authentication-bypass vulnerability in the VNCServerAuthenticator, located in vncap/vnc/protocol.py, which could allow a malicious actor to gain...

9.8CVSS7.1AI score0.01653EPSS
Exploits1References14
Positive Technologies
Positive Technologies
added 2022/08/15 12:0 a.m.9 views

PT-2022-23447 · D Link · D-Link Go-Rt-Ac750

Name of the Vulnerable Software and Affected Versions: D-Link GO-RT-AC750 versions GORTAC750 revA v101b03 through GO-RT-AC750 revB FWv200b02 Description: The issue concerns an authentication bypass. It is related to the function phpcgi main in cgibin. Recommendations: For D-Link GO-RT-AC750 versi...

7.5CVSS7.6AI score0.0104EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/06/16 12:0 a.m.5 views

PT-2022-20956 · Mercury · Mercury Mipc451-4

Name of the Vulnerable Software and Affected Versions: MERCURY MIPC451-4 version 1.0.22 Build 220105 Rel.55642n Description: The issue is a remote code execution RCE vulnerability. It can be exploited via a crafted POST request. Recommendations: For MERCURY MIPC451-4 version 1.0.22 Build 220105...

8.8CVSS8.7AI score0.01841EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/04/29 12:0 a.m.5 views

PT-2022-12182

Name of the Vulnerable Software and Affected Versions Wondershare LTD Dr. Fone as of 2021-12-06 version Description The issue is related to remote code execution due to software design flaws. An unauthenticated user can communicate over UDP with the "InstallAssistService.exe" service, which runs...

10CVSS7.9AI score0.22325EPSS
Exploits3References11
Positive Technologies
Positive Technologies
added 2021/08/02 12:0 a.m.11 views

PT-2021-7768 · 3S Smart Software Solutions · Codesys Development System

Name of the Vulnerable Software and Affected Versions: CODESYS Development System versions 3.5.16 through 3.5.17 Description: A unsafe deserialization vulnerability exists in the ObjectManager.plugin ProfileInformation.ProfileData functionality. This vulnerability can be triggered by a specially...

8.8CVSS8.3AI score0.01671EPSS
Exploits1References10
NCSC
NCSC
added 2021/07/16 12:0 a.m.8 views

Vulnerability found in Microsoft Printer Spooler service

Microsoft has found a vulnerability in the Printer Spooler service. A local malicious person with the ability to execute code under user privileges to execute code could potentially exploit it to execute arbitrary code under SYSTEM privileges. It is as yet unknown in which versions of Windows the...

9.8CVSS7.5AI score0.99759EPSS
Exploits76
Positive Technologies
Positive Technologies
added 2021/06/21 12:0 a.m.17 views

PT-2024-11320 · Linux +6 · Linux Kernel +6

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a possible use-after-free in the Linux kernel's watchdog driver. The driver's remove path calls del timer, which does not wait until the timer handler finishes,...

9.8CVSS6.5AI score0.17563EPSS
Exploits9References2075
Positive Technologies
Positive Technologies
added 2021/02/09 12:0 a.m.18 views

PT-2021-3888

Name of the Vulnerable Software and Affected Versions PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000, PM800 affected versions not specified Description The issue is related to insufficient authentication of executed requests, which could allow a remote attacker to...

8.5CVSS5.8AI score0.00321EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2020/11/10 12:0 a.m.3 views

PT-2020-4801 · Microsoft · Windows Bind Filter Driver +1

Name of the Vulnerable Software and Affected Versions: Windows Bind Filter Driver affected versions not specified Description: The issue is related to insufficient access control in the Windows Bind Filter driver, which can be exploited to elevate privileges. This could allow an attacker to affec...

7.8CVSS7.2AI score0.00772EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2020/02/17 12:0 a.m.2 views

PT-2020-20192 · Horde · Horde Groupware Webmail Edition

Name of the Vulnerable Software and Affected Versions: Horde Groupware Webmail Edition version 5.2.22 Description: The issue allows injection of arbitrary PHP code via CSV data, leading to remote code execution. Recommendations: For Horde Groupware Webmail Edition version 5.2.22, consider disabli...

9.8CVSS8AI score0.71728EPSS
Exploits5References28
Positive Technologies
Positive Technologies
added 2018/08/23 12:0 a.m.4 views

PT-2018-16309 · Samsung · Samsung Smartthings Hub

Name of the Vulnerable Software and Affected Versions: Samsung SmartThings Hub STH-ETH-250 version 0.20.17 Description: The issue arises from the insecure extraction of fields from the "shard" table in the SQLite database by the video-core process, leading to a buffer overflow on the stack. This...

9.9CVSS7.7AI score0.00946EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2018/08/14 12:0 a.m.3 views

PT-2018-1502 · Microsoft · Excel Viewer +2

Name of the Vulnerable Software and Affected Versions: Microsoft Office affected versions not specified Microsoft Excel affected versions not specified Microsoft Excel Viewer affected versions not specified Description: The issue is related to incorrect handling of objects in memory, which can...

9.3CVSS6.9AI score0.16245EPSS
Exploits0References8
Rows per page
Query Builder