2575 matches found
PT-2025-18789 · Wavlink · Wavlink Wl-Wn530Hg4
Name of the Vulnerable Software and Affected Versions: Wavlink WL-WN530H4 version 20220801 Description: The issue is related to a command injection vulnerability in the ping test function of the adm.cgi via the pingIp parameter. This allows attackers to execute arbitrary commands via a crafted...
Exploit for CVE-2025-25706
CVE-2025-25706 Description Item: Product Vendor: freebsd...
Exploit for CVE-2025-25705
CVE-2025-25705 Description Item: Product Vendor: freebsd...
Microhard Bullet-LTE Improper Neutralization of Special Elements used in an OS Command (CVE-2020-17406)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microhard Bullet-LTE prior to v1.2.0-r1112. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of the ping parameter provided to tools.sh. The issu...
CVE-2025-29226
In Linksys E5600 V1.1.0.26, the \usr\share\lua\runtime.lua file contains a command injection vulnerability in the runtime.pingTest function via the pt"count" parameter...
iputils bug fix update
An update is available for iputils. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The iputils packages contain basic utilities for monitoring a network,...
org.infinispan-infinispan-parent: Exposure of Sensitive Information in Application Logs
A flaw was found in Infinispan, when using JGroups with JDBCPING. This issue occurs when an application inadvertently exposes sensitive information, such as configuration details or credentials, through logging mechanisms. This exposure can lead to unauthorized access and exploitation by maliciou...
CVE-2025-26320
CVE-2025-26320 affects BroadlinkManager v5.9.1. The vulnerability is an OS command injection via the IP Address parameter in /device/ping. Reported scores show CVSS 3.1: Network vector, low attack complexity, no privileges required, no user interaction, confidentiality/integrity impact Low, avail...
ALPINE-CVE-2025-26466
A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to ...
DEBIAN-CVE-2025-26466
A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to ...
CVE-2025-26466 Openssh: denial-of-service in openssh
A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to ...
OpenSSH 资源管理错误漏洞
OpenSSH OpenBSD Secure Shell is a set of connection tools for secure access to remote computers from the Canadian OpenBSD Project Group. The tools are an open source implementation of the SSH protocol and support encryption of all transmissions, effectively blocking eavesdropping, connection...
CVE-2025-25794
SeaCMS v13.3 was discovered to contain a remote code execution RCE vulnerability via the component adminping.php...
SeaCMS 安全漏洞
SeaCMS is a free, open source web content management system written in PHP by SeaCMS, Inc. The system is primarily designed to manage video-on-demand resources. A security vulnerability exists in SeaCMS v13.3, which stems from a remote code execution RCE issue in the component adminping.php...
CVE-2025-20059
Relative Path Traversal vulnerability in Ping Identity PingAM Java Policy Agent allows Parameter Injection.This issue affects PingAM Java Policy Agent: through 5.10.3, through 2023.11.1, through 2024.9...
CVE-2025-20059
Relative Path Traversal vulnerability in Ping Identity PingAM Java Policy Agent allows Parameter Injection.This issue affects PingAM Java Policy Agent: through 5.10.3, through 2023.11.1, through 2024.9...
CVE-2025-20059 PingAM Java Policy Agent path traversal
Relative Path Traversal vulnerability in Ping Identity PingAM Java Policy Agent allows Parameter Injection.This issue affects PingAM Java Policy Agent: through 5.10.3, through 2023.11.1, through 2024.9...
CVE-2025-20059
CVE-2025-20059 : Affected product is Ping Identity PingAM Java Policy Agent. The issue is a relative path traversal that enables parameter injection in PingAM Policy Agent components. Affects versions through 5.10.3, through 2023.11.1, and through 2024.9. Impact (as per CVSS metrics in the initia...
Ping Identity PingAM 安全漏洞
Ping Identity PingAM is an authentication, access management program from Ping Identity USA. A security vulnerability exists in Ping Identity PingAM that stems from a relative path traversal vulnerability contained in the Java Policy Agent...
PT-2025-6919 · Synway · Synway Smg Gateway Management
Name of the Vulnerable Software and Affected Versions: Synway SMG Gateway Management Software up to 20250204 Description: A critical issue affects the processing of the file 9-12ping.php in Synway SMG Gateway Management Software. The manipulation of the retry argument leads to command injection...