70 matches found
PT-2023-9116 · Tenda · Tenda I6
Name of the Vulnerable Software and Affected Versions: Tenda i6 version 1.0.0.83856 Description: The issue is related to a buffer overflow vulnerability in the Wi-Fi router's microprogram, specifically in the /goform/WifiMacFilterSet component. This vulnerability can be exploited by a remote...
PT-2023-6361 · Connectize · Connectize Ac21000 G6
Name of the Vulnerable Software and Affected Versions: Connectize AC21000 G6 version 641.139.1.1256 Description: The issue is related to a Cross Site Scripting XSS vulnerability that allows attackers to run arbitrary code via a crafted string when setting the Wi-Fi password in the admin panel. Th...
PT-2024-14770
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to an unintentional integer overflow in the Linux kernel, specifically in the drm/mediatek component. The problem arises from multiplying two variables of different...
PT-2023-11505 · Exempi +6 · Exempi +6
Name of the Vulnerable Software and Affected Versions: exempi versions 2.5.0 and earlier Description: The issue allows remote attackers to cause a denial of service via the opening of crafted webp files. This is due to a Buffer Overflow vulnerability in the WEBP Support.cpp file. Recommendations:...
PT-2023-22182 · Unknown · Frenic Rhc Loader
Name of the Vulnerable Software and Affected Versions: FRENIC RHC Loader version 1.1.0.3 Description: An out-of-bound reads issue exists, potentially allowing disclosure of sensitive system information or execution of arbitrary code when a specially crafted FNE file is opened. Recommendations: Fo...
PT-2023-19179 · Joomla · Joomla!
Name of the Vulnerable Software and Affected Versions: Joomla! versions 4.2.0 through 4.3.1 Description: The issue is related to the lack of rate limiting, which allows brute force attacks against Multi-Factor Authentication MFA methods. MFA is a security process that requires a user to provide t...
PT-2023-2944 · Fs · Fs S3900-24T4S
Name of the Vulnerable Software and Affected Versions: FS S3900-24T4S affected versions not specified Description: The issue is related to insufficient access control in the software of FS S3900-24T4S switches. It allows a remote attacker to escalate their privileges and reset the admin password...
PT-2023-15523 · V-Server · V-Server
Name of the Vulnerable Software and Affected Versions: V-Server versions 4.0.12.0 and earlier Description: A stack-based buffer overflow issue allows a local attacker to obtain information and/or execute arbitrary code by having a user open a specially crafted project file. Recommendations: For...
PT-2022-23368 · Osu Open Source · Vncauthproxy
Name of the Vulnerable Software and Affected Versions: OSU Open Source Lab VNCAuthProxy versions 1.1.1 and earlier Description: The issue is an authentication-bypass vulnerability in the VNCServerAuthenticator, located in vncap/vnc/protocol.py, which could allow a malicious actor to gain...
PT-2022-23447 · D Link · D-Link Go-Rt-Ac750
Name of the Vulnerable Software and Affected Versions: D-Link GO-RT-AC750 versions GORTAC750 revA v101b03 through GO-RT-AC750 revB FWv200b02 Description: The issue concerns an authentication bypass. It is related to the function phpcgi main in cgibin. Recommendations: For D-Link GO-RT-AC750 versi...
PT-2022-20956 · Mercury · Mercury Mipc451-4
Name of the Vulnerable Software and Affected Versions: MERCURY MIPC451-4 version 1.0.22 Build 220105 Rel.55642n Description: The issue is a remote code execution RCE vulnerability. It can be exploited via a crafted POST request. Recommendations: For MERCURY MIPC451-4 version 1.0.22 Build 220105...
PT-2022-12182
Name of the Vulnerable Software and Affected Versions Wondershare LTD Dr. Fone as of 2021-12-06 version Description The issue is related to remote code execution due to software design flaws. An unauthenticated user can communicate over UDP with the "InstallAssistService.exe" service, which runs...
PT-2021-7768 · 3S Smart Software Solutions · Codesys Development System
Name of the Vulnerable Software and Affected Versions: CODESYS Development System versions 3.5.16 through 3.5.17 Description: A unsafe deserialization vulnerability exists in the ObjectManager.plugin ProfileInformation.ProfileData functionality. This vulnerability can be triggered by a specially...
Vulnerability found in Microsoft Printer Spooler service
Microsoft has found a vulnerability in the Printer Spooler service. A local malicious person with the ability to execute code under user privileges to execute code could potentially exploit it to execute arbitrary code under SYSTEM privileges. It is as yet unknown in which versions of Windows the...
PT-2024-11320 · Linux +6 · Linux Kernel +6
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a possible use-after-free in the Linux kernel's watchdog driver. The driver's remove path calls del timer, which does not wait until the timer handler finishes,...
PT-2021-3888
Name of the Vulnerable Software and Affected Versions PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000, PM800 affected versions not specified Description The issue is related to insufficient authentication of executed requests, which could allow a remote attacker to...
PT-2020-4801 · Microsoft · Windows Bind Filter Driver +1
Name of the Vulnerable Software and Affected Versions: Windows Bind Filter Driver affected versions not specified Description: The issue is related to insufficient access control in the Windows Bind Filter driver, which can be exploited to elevate privileges. This could allow an attacker to affec...
PT-2020-20192 · Horde · Horde Groupware Webmail Edition
Name of the Vulnerable Software and Affected Versions: Horde Groupware Webmail Edition version 5.2.22 Description: The issue allows injection of arbitrary PHP code via CSV data, leading to remote code execution. Recommendations: For Horde Groupware Webmail Edition version 5.2.22, consider disabli...
PT-2018-16309 · Samsung · Samsung Smartthings Hub
Name of the Vulnerable Software and Affected Versions: Samsung SmartThings Hub STH-ETH-250 version 0.20.17 Description: The issue arises from the insecure extraction of fields from the "shard" table in the SQLite database by the video-core process, leading to a buffer overflow on the stack. This...
PT-2018-1502 · Microsoft · Excel Viewer +2
Name of the Vulnerable Software and Affected Versions: Microsoft Office affected versions not specified Microsoft Excel affected versions not specified Microsoft Excel Viewer affected versions not specified Description: The issue is related to incorrect handling of objects in memory, which can...