PT-2024-1089 · D Link · D-Link Dcs-8300Lhv2

Name of the Vulnerable Software and Affected Versions: D-Link DCS-8300LHV2 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DCS-8300LHV2 IP cameras. Although authentication is required to exploi...

PT-2024-1090 · D Link · D-Link Dcs-8300Lhv2

Name of the Vulnerable Software and Affected Versions: D-Link DCS-8300LHV2 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DCS-8300LHV2 IP cameras. The specific flaw exists within the handling ...

Bosch Nexo cordless nutrunner security breach

Bosch Nexo Cordless nutrunner is a series of cordless tightening wrenches with integrated controls from Bosch Germany. A security vulnerability exists in Bosch Nexo cordless nutrunner. The vulnerability allows a remote attacker to access sensitive data within the export package or perform remote...

CVE-2023-6339 Google Nest WiFi Pro root code-execution & user-data compromise

Google Nest WiFi Pro root code-execution & user-data compromise...

Google Nest Security Breach

Google Nest is a smart home product from Google, Inc. in the United States. Google Nest has a security vulnerability that stems from root code execution and user data leakage...

SUSE CVE-2023-51589

BlueZ Audio Profile AVRCP parsemediaelement Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability ...

PT-2023-7106 · NetGear · Netgear Cax30

Name of the Vulnerable Software and Affected Versions: NETGEAR CAX30 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR CAX30 routers. The specific flaw exists within the sso binary, resulting fr...

PT-2023-9544 · Cisco · Cisco Small Business Rv042G +3

Name of the Vulnerable Software and Affected Versions: Cisco Small Business RV042, RV042G, RV320, and RV325 Routers affected versions not specified Description: A vulnerability in the web-based management interface could allow an authenticated, Administrator-level, remote attacker to execute...

CVE-2023-20196

Two vulnerabilities in Cisco ISE could allow an authenticated, remote attacker to upload arbitrary files to an affected device. To exploit these vulnerabilities, an attacker must have valid Administrator credentials on the affected device. These vulnerabilities are due to improper validation of...

CVE-2023-20195

Two vulnerabilities in Cisco ISE could allow an authenticated, remote attacker to upload arbitrary files to an affected device. To exploit these vulnerabilities, an attacker must have valid Administrator credentials on the affected device. These vulnerabilities are due to improper validation of...

PT-2023-7119 · Cisco · Cisco Ise

Name of the Vulnerable Software and Affected Versions: Cisco ISE affected versions not specified Description: The issue is related to improper validation of files uploaded to the web-based management interface, allowing an authenticated, remote attacker to upload arbitrary files to an affected...

ABUS TVIP Security Vulnerability

ABUS TVIP is a series of video surveillance cameras from the German company ABUS. A security vulnerability exists in ABUS TVIP that stems from the presence of path traversal, which allows an attacker to write to a file to arbitrarily execute code with root privileges...

CVE-2023-44959

An issue found in D-Link DSL-3782 v.1.03 and before allows remote authenticated users to execute arbitrary code as root via the Router IP Address fields of the network settings page...

CVE-2023-43478

fakeupload.cgi on the Telstra Smart Modem Gen 2 Arcadyan LH1000, firmware versions 0.18.15r, allows unauthenticated attackers to upload firmware images and configuration backups, which could allow them to alter the firmware or the configuration on the device, ultimately leading to code execution ...

PT-2023-28838 · Telstra · Telstra Smart Modem Gen 2

Name of the Vulnerable Software and Affected Versions: Telstra Smart Modem Gen 2 Arcadyan LH1000 versions prior to 0.18.15r Description: The issue allows unauthenticated attackers to upload firmware images and configuration backups, potentially leading to code execution as root. This could enable...

D-Link DAP-2622 DDP Set SSID List RADIUS Server Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation ...

CVE-2023-41028

A stack-based buffer overflow exists in Juplink RX4-1500, a WiFi router, in versions 1.0.2 through 1.0.5. An authenticated attacker can exploit this vulnerability to achieve code execution as root...

PT-2023-26965 · Softing · Softing Secure Integration Server

Name of the Vulnerable Software and Affected Versions: Softing Secure Integration Server affected versions not specified Description: This issue allows remote attackers to create directories on affected installations, despite requiring authentication to exploit. The flaw exists within the handlin...

PT-2023-26966 · Softing · Softing Secure Integration Server

Name of the Vulnerable Software and Affected Versions: Softing Secure Integration Server affected versions not specified Description: This issue allows remote attackers to create arbitrary files on affected installations, despite requiring authentication, which can be bypassed. The flaw exists...

FreeBSD Security Vulnerabilities

FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. A security vulnerability exists in FreeBSD versions 13.1 and 13.2, which stems from a buffer overflow vulnerability in the fwctl driver state machine. The vulnerability can be exploited to execute arbitrary code as root ...