Lucene search
+L

114 matches found

SUSE CVE
SUSE CVE
added 2024/06/22 3:35 a.m.5 views

SUSE CVE-2024-38564

In the Linux kernel, the following vulnerability has been resolved: bpf: Add BPFPROGTYPECGROUPSKB attach type enforcement in BPFLINKCREATE bpfprogattach uses attachtypetoprogtype to enforce proper attach type for BPFPROGTYPECGROUPSKB. linkcreate uses bpfprogget and relies on...

6CVSS6.5AI score0.00228EPSS
Exploits0References17
NVD
NVD
added 2024/06/19 2:15 p.m.17 views

CVE-2024-38564

In the Linux kernel, the following vulnerability has been resolved: bpf: Add BPFPROGTYPECGROUPSKB attach type enforcement in BPFLINKCREATE bpfprogattach uses attachtypetoprogtype to enforce proper attach type for BPFPROGTYPECGROUPSKB. linkcreate uses bpfprogget and relies on...

5.5CVSS0.00228EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2024/05/03 3:16 a.m.2 views

CVE-2023-51621

D-Link DIR-X3260 prog.cgi SetDeviceSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this...

6.8CVSS6.3AI score0.01126EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/05/03 3:15 a.m.3 views

CVE-2023-41216

D-Link DIR-3040 prog.cgi SetDynamicDNSSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this...

6.8CVSS6.3AI score0.00705EPSS
Exploits0References2
OSV
OSV
added 2024/05/03 2:15 a.m.4 views

CVE-2023-41222

D-Link DIR-3040 prog.cgi SetWan2Settings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this vulnerability...

6.8CVSS6.3AI score0.00705EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/03 12:0 a.m.5 views

D-Link DIR-X3260 安全漏洞

D-Link DIR-X3260 is a Wi-Fi 6 router from China-based AUO D-Link. A security vulnerability exists in the D-Link DIR-X3260 that stems from a prog.cgi SetTriggerPPPoEValidate stack-based buffer overflow remote code execution vulnerability...

6.8CVSS7.4AI score0.01126EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/05/03 12:0 a.m.5 views

D-Link DIR-X3260 安全漏洞

D-Link DIR-X3260 is a Wi-Fi 6 router from China's AUO D-Link. A security vulnerability exists in the D-Link DIR-X3260 that stems from an incorrect authentication bypass vulnerability implemented by the prog.cgi authentication algorithm...

8.8CVSS9AI score0.00901EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/04/23 12:0 a.m.5 views

PT-2024-3191 · D Link · D-Link Dir-822

Name of the Vulnerable Software and Affected Versions: D-Link DIR-822+ version 1.0.5 Description: The issue is related to a command injection in the SetPlcNetworkpwd function of the prog.cgi script, which allows remote attackers to execute arbitrary commands via shell. This is due to the lack of...

10CVSS8.5AI score0.01559EPSS
Exploits1References9
CNVD
CNVD
added 2023/10/07 12:0 a.m.4 views

D-Link DIR-X3260 Buffer Overflow Vulnerability

The D-Link DIR-X3260 is a mainstream router from D-Link that supports Wi-Fi 6. The D-Link DIR-X3260 suffers from a buffer overflow vulnerability that stems from a heap-based buffer overflow remote code execution vulnerability in Prog.cgi. An attacker can exploit this vulnerability to execute...

8.8CVSS8.9AI score0.00742EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/10/06 12:0 a.m.6 views

The vulnerability of the prog.cgi component in D-Link DIR-X3260 Wi-Fi routers allows a hacker to execute arbitrary code.

The vulnerability of the prog.cgi component in D-Link DIR-X3260 Wi-Fi routers involves reading data outside the buffer in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

8.8CVSS8.2AI score0.00742EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/10/04 12:0 a.m.8 views

PT-2023-5896 · D Link · D-Link Dir-X3260

Name of the Vulnerable Software and Affected Versions: D-Link DIR-X3260 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Although authentication is required to exploit this...

8CVSS7.6AI score0.01114EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/07/06 12:0 a.m.8 views

PT-2023-8460 · D Link · D-Link Dir-X3260

Name of the Vulnerable Software and Affected Versions: D-Link DIR-X3260 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. The specific flaw exists within the prog.cgi binary,...

8CVSS7.4AI score0.01136EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.3 views

kernel: bpf, x86: fix freeing of not-finalized bpf_prog_pack

In the Linux kernel, the following vulnerability has been resolved: bpf, x86: fix freeing of not-finalized bpfprogpack syzbot reported a few issues with bpfprogpack 1, 2. This only happens with multiple subprogs. In jitsubprogs, we first call bpfintjitcompile on each sub program. And then, we cal...

7.8CVSS6.3AI score0.00211EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/05/09 12:0 a.m.7 views

PT-2025-26094

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, related to the freeing of not-finalized bpf prog pack. The issue occurs when there are multiple subprogs and jit subprogs is called...

8.8CVSS7.5AI score0.03763EPSS
Exploits14References483
OSV
OSV
added 2023/05/05 3:42 p.m.53 views

RXSA-2023:1566 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: stack overflow in doprocdointvec and procskipspaces CVE-2022-4378 ALSA: pcm: Move rwsem lock inside sndctlelemread to prevent UAF CVE-2023-0266 kernel: FUSE filesystem low-privileged user...

7.8CVSS8AI score0.0788EPSS
Exploits14References5
Positive Technologies
Positive Technologies
added 2022/12/08 12:0 a.m.3 views

PT-2022-36316 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.156 Description: The issue is related to an alignment problem in the bpf prog test run skb function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...

7.2AI score
Exploits0References1
OSV
OSV
added 2022/07/06 2:15 p.m.5 views

CVE-2022-23173

this vulnerability affect user that even not allowed to access via the web interface. First of all, the attacker needs to access the "Login menu - demo site" then he can see in this menu all the functionality of the application. If the attacker will try to click on one of the links, he will get a...

6.3CVSS6.6AI score0.00511EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/06/27 8:35 a.m.6 views

CVE-2022-23173

this vulnerability affect user that even not allowed to access via the web interface. First of all, the attacker needs to access the "Login menu - demo site" then he can see in this menu all the functionality of the application. If the attacker will try to click on one of the links, he will get a...

6.5CVSS6.6AI score0.00511EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/04/15 2:15 p.m.6 views

CVE-2022-28041

stbimage.h v2.27 was discovered to contain an integer overflow via the function stbijpegdecodeblockprogdc. This vulnerability allows attackers to cause a Denial of Service DoS via unspecified vectors...

6.5CVSS6.8AI score0.02069EPSS
Exploits1References24
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.30 views

Rockwell Automation Micrologix Improper Access Control (CVE-2017-14466)

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information,...

10CVSS7.4AI score0.37317EPSS
Exploits1References3
Rows per page
Query Builder