Lucene search
K

52 matches found

attackerkb
attackerkb
added 2022/09/06 6:15 p.m.3 views

CVE-2022-2943

The WordPress Infinite Scroll – Ajax Load More plugin for Wordpress is vulnerable to arbitrary file reading in versions up to, and including, 5.5.3 due to insufficient file path validation on the almrepeatersexport function. This makes it possible for authenticated attackers, with administrative...

4.9CVSS6AI score0.01355EPSS
Exploits2References5
attackerkb
attackerkb
added 2022/09/06 6:15 p.m.3 views

CVE-2022-2433

The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to deserialization of untrusted input via the 'almrepeatersexport' parameter in versions up to, and including 5.5.3. This makes it possible for unauthenticated users to call files using a PHAR wrapper, granted they...

8.8CVSS5.9AI score0.01251EPSS
Exploits0References5
osv
osv
added 2022/09/06 5:18 p.m.8 views

CVE-2022-2433 WordPress Infinite Scroll – Ajax Load More <= 5.5.3 - Cross-Site Request Forgery to PHAR Deserialization

The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to deserialization of untrusted input via the 'almrepeatersexport' parameter in versions up to, and including 5.5.3. This makes it possible for unauthenticated users to call files using a PHAR wrapper, granted they...

7.5CVSS7.2AI score0.01251EPSS
Exploits0References6
threatpost
threatpost
added 2022/08/15 1:56 p.m.111 views

Black Hat and DEF CON Roundup

There was nothing typical this year at BSides LV, Black Hat USA and DEF CON – also known collectively as Hacker Summer Camp. The weeklong collection of cybersecurity conferences featured an eclectic mix of attendees to learn, network, hack and have fun. The week even included a rare Las Vegas fla...

7AI score
Exploits0References14
osv
osv
added 2021/12/07 10:15 p.m.7 views

CVE-2021-44148

GL.iNet GL-AR150 2.x before 3.x devices, configured as repeaters, allow cgi-bin/routercgi?action=scanwifi XSS when an attacker creates an SSID with an XSS payload as the name...

6.1CVSS6.4AI score0.00648EPSS
Exploits1References1
prion
prion
added 2021/12/07 10:15 p.m.17 views

Cross site scripting

GL.iNet GL-AR150 2.x before 3.x devices, configured as repeaters, allow cgi-bin/routercgi?action=scanwifi XSS when an attacker creates an SSID with an XSS payload as the name...

4.3CVSS6AI score0.00648EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2021/12/07 9:3 p.m.13 views

CVE-2021-44148

GL.iNet GL-AR150 2.x before 3.x devices, configured as repeaters, allow cgi-bin/routercgi?action=scanwifi XSS when an attacker creates an SSID with an XSS payload as the name...

6.2AI score0.00648EPSS
Exploits1References1
bdu_fstec
bdu_fstec
added 2021/11/02 12:0 a.m.4 views

The vulnerability of the httpd microprogramming software in NETGEAR Wi-Fi routers such as R6400, R6400v2, R6700v3, R6900P, R7000, R7000P, R7850, R7900P, R7960P, R8000, R8000P, RAX15, RAX20, RAX200, RAX35v2, RAX38v2, RAX40v2, RAX42, RAX43, RAX45, RAX48, RAX50, RAX50S, RAX75, RAX80, RAXE450, RAXE500, RS400, WNDR3400v3, WNR3500Lv2, D6220, D6400, and wireless repealers like EX6120, EX6130, EX7500, allows a perpetrator to execute arbitrary code.

The vulnerability of the httpd microprogramming software in NETGEAR Wi-Fi routers such as R6400, R6400v2, R6700v3, R6900P, R7000, R7000P, R7850, R7900P, R7960P, R8000, R8000P, RAX15, RAX20, RAX200, RAX35v2, RAX38v2, RAX40v2, RAX42, RAX43, RAX45, RAX48, RAX50, RAX50S, RAX75, RAX80, RAXE450, RAXE50...

8.8CVSS8AI score0.00576EPSS
Exploits0References4Affected Software35
nessus
nessus
added 2019/08/26 12:0 a.m.24 views

Fedora 29 : nfdump (2019-9013b5e75d)

2019-08-14 - Fix compile issues - Fix output buffer size for lzo1xdecompresssafe 2019-08-07 - Fix VerifyExtensionMap 179 2019-08-06 - Fix compile errors 2019-08-05 - Fix nfdump.1 man page. 175 - Fix off by 1 array. 173 - Fix use after free in ModifyCompressFile - Add bound checks in AddExporterSt...

7.8CVSS7.3AI score0.02709EPSS
Exploits1References3
redhat
redhat
added 2007/11/15 5:11 p.m.35 views

net-snmp remote DoS via udp packet

The SNMP agent snmpagent.c in net-snmp before 5.4.1 allows remote attackers to cause a denial of service CPU and memory consumption via a GETBULK request with a large max-repeaters value...

7.8CVSS7.4AI score0.28966EPSS
Exploits1References4
osv
osv
added 2007/11/06 9:46 p.m.2 views

DEBIAN-CVE-2007-5846

The SNMP agent snmpagent.c in net-snmp before 5.4.1 allows remote attackers to cause a denial of service CPU and memory consumption via a GETBULK request with a large max-repeaters value...

7.8CVSS8.4AI score0.28966EPSS
Exploits1References1
osv
osv
added 2007/11/06 9:46 p.m.8 views

CVE-2007-5846

The SNMP agent snmpagent.c in net-snmp before 5.4.1 allows remote attackers to cause a denial of service CPU and memory consumption via a GETBULK request with a large max-repeaters value...

8.1AI score0.28966EPSS
Exploits1References29
Rows per page
Query Builder