31640 matches found
PT-2024-40729 · Pcapng · Pcapng
Name of the Vulnerable Software and Affected Versions: pcapng affected versions not specified Description: The issue is related to a crash caused by the use of an uninitialized value. The crash occurs in the pcpp::PcapNgFileReaderDevice::getNextPacket function, which is called by...
Foxit Reader Lock object fields property type confusion vulnerability
Talos Vulnerability Report TALOS-2024-1963 Foxit Reader Lock object fields property type confusion vulnerability April 30, 2024 CVE Number CVE-2024-25575 SUMMARY A type confusion vulnerability vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a Lock object. A specially crafted...
Foxit Reader ComboBox widget Format event use-after-free vulnerability
Talos Vulnerability Report TALOS-2024-1959 Foxit Reader ComboBox widget Format event use-after-free vulnerability April 30, 2024 CVE Number CVE-2024-25648 SUMMARY A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a ComboBox widget. A specially crafted JavaScript...
rimedo-ts 安全漏洞
rimedo-ts is an application of the ONOS project. A security vulnerability exists in Open Networking Foundation SD-RAN Rimedo rimedo-ts version 0.1.1, which stems from an out-of-bounds issue in reader.go...
KLA66484 Multiple vulnerabilities in Foxit Reader
Multiple vulnerabilities were found in Foxit Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in ComboBox widget can be exploited to cause denial of service or...
Foxit PDF Reader for Mac < 2024.2 Vulnerability
According to its version, the Foxit PDF Reader for Mac application previously named Foxit Reader for Mac installed on the remote macOS host is prior to 2024.2. It is, therefore affected by vulnerability: Note that Nessus has not tested for this issue but has instead relied only on the application...
The vulnerability of the mac2name function in the web interface of the work time and bandwidth management system, Peplink Smart Reader, allows a violator to execute arbitrary code.
The vulnerability of the mac2name function in the web interface of the work time and bandwidth management system Peplink Smart Reader exists due to the lack of measures taken to neutralize special elements used in the operating system command. Exploiting this vulnerability allows a remote attacke...
PT-2024-7017
Name of the Vulnerable Software and Affected Versions Foxit PDF Reader affected versions not specified Foxit PDF Editor affected versions not specified Description This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the targe...
CVE-2023-45209
An information disclosure vulnerability exists in the web interface /cgi-bin/downloadconfig.cgi functionality of Peplink Smart Reader v1.2.0 in QEMU. A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can make an unauthenticated HTTP request to trigger...
CVE-2023-45744
A data integrity vulnerability exists in the web interface /cgi-bin/uploadconfig.cgi functionality of Peplink Smart Reader v1.2.0 in QEMU. A specially crafted HTTP request can lead to configuration modification. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...
CVE-2023-45744
A data integrity vulnerability exists in the web interface /cgi-bin/uploadconfig.cgi functionality of Peplink Smart Reader v1.2.0 in QEMU. A specially crafted HTTP request can lead to configuration modification. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...
CVE-2023-40146
A privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart Reader v1.2.0 in QEMU. A specially crafted command line argument can lead to a limited-shell escape and elevated capabilities. An attacker can authenticate with hard-coded credentials and execute unblocke...
CVE-2023-40146
A privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart Reader v1.2.0 in QEMU. A specially crafted command line argument can lead to a limited-shell escape and elevated capabilities. An attacker can authenticate with hard-coded credentials and execute unblocke...
CVE-2023-43491
An information disclosure vulnerability exists in the web interface /cgi-bin/debugdump.cgi functionality of Peplink Smart Reader v1.2.0 in QEMU. A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can make an unauthenticated HTTP request to trigger this...
CVE-2023-43491
An information disclosure vulnerability exists in the web interface /cgi-bin/debugdump.cgi functionality of Peplink Smart Reader v1.2.0 in QEMU. A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can make an unauthenticated HTTP request to trigger this...
CVE-2023-45209
An information disclosure vulnerability exists in the web interface /cgi-bin/downloadconfig.cgi functionality of Peplink Smart Reader v1.2.0 in QEMU. A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can make an unauthenticated HTTP request to trigger...
CVE-2023-39367
An OS command injection vulnerability exists in the web interface mac2name functionality of Peplink Smart Reader v1.2.0 in QEMU. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...
CVE-2023-39367
An OS command injection vulnerability exists in the web interface mac2name functionality of Peplink Smart Reader v1.2.0 in QEMU. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...
CVE-2023-43491
An information disclosure vulnerability exists in the web interface /cgi-bin/debugdump.cgi functionality of Peplink Smart Reader v1.2.0 in QEMU. A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can make an unauthenticated HTTP request to trigger this...
CVE-2023-43491
The CVE-2023-43491 entry describes an information-disclosure vulnerability in the Peplink Smart Reader web interface, specifically the /cgi-bin/debug_dump.cgi functionality on version v1.2.0 (QEMU). The issue is triggered by a specially crafted unauthenticated HTTP request that can disclose sensi...