679 matches found

Positive Technologies
added 2023/07/07 12:00 a.m. · 2 views

PT-2023-8214 · D Link · D-Link G416

Name of the Vulnerable Software and Affected Versions: D-Link G416 (affected versions not specified)
Description: The issue is related to a stack-based buffer overflow in the httpd API-AUTH Timestamp Processing function of the D-Link G416 router's HTTP microprogram. This can be exploited by a remot...

CVSS 8.8 · AI score 8.1 · EPSS 0.0488
Exploits 0 · References 9

Positive Technologies
added 2023/07/06 12:00 a.m. · 4 views

PT-2023-8308 · D Link · D-Link Dir-X3260

Name of the Vulnerable Software and Affected Versions: D-Link DIR-X3260 (affected versions not specified)
Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. The specific flaw exists within the prog.cgi binary,...

CVSS 7.2 · AI score 7.4 · EPSS 0.01749
Exploits 0 · References 6

ATTACKERKB
added 2023/05/17 4:00 p.m. · 4 views

CVE-2023-20161

Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due t...

CVSS 9.8 · AI score 7.7 · EPSS 0.02134
Exploits 0 · References 2

ATTACKERKB
added 2023/05/17 4:00 p.m. · 2 views

CVE-2023-20157

Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due t...

CVSS 9.8 · AI score 7.7 · EPSS 0.01564
Exploits 0 · References 2

ATTACKERKB
added 2023/05/17 4:00 p.m. · 3 views

CVE-2023-20189

Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due t...

CVSS 9.8 · AI score 7.7 · EPSS 0.04894
Exploits 0 · References 2

ATTACKERKB
added 2023/05/17 4:00 p.m. · 3 views

CVE-2023-20156

Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due t...

CVSS 9.8 · AI score 7.7 · EPSS 0.01564
Exploits 0 · References 2

ATTACKERKB
added 2023/05/17 4:00 p.m. · 3 views

CVE-2023-20158

Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due t...

CVSS 9.8 · AI score 7.7 · EPSS 0.01564
Exploits 0 · References 2

Positive Technologies
added 2023/05/17 12:00 a.m. · 2 views

PT-2023-2830 · Cisco · Cisco Small Business Series Switches

Name of the Vulnerable Software and Affected Versions: Cisco Small Business Series Switches (affected versions not specified)
Description: The issue is related to insufficient protection of service data in the web interface of Cisco Small Business Series Switches. It may allow a remote attacker to...

CVSS 9.8 · AI score 9.8 · EPSS 0.02278
Exploits 0 · References 5

BDU FSTEC
added 2023/05/15 12:00 a.m. · 1 view

A vulnerability in the libcms_cli module of NETGEAR RAX30 router firmware allows an attacker to execute arbitrary code in the root context.

The vulnerability in the libcmscli module of NETGEAR RAX30 router firmware is related to a lack of input data sanitization. Exploiting this vulnerability could allow an attacker to execute arbitrary code in the root context...

CVSS 8.4 · EPSS 0.00927
Exploits 0 · References 5 · Affected Software 1

BDU FSTEC
added 2023/05/15 12:00 a.m. · 1 view

A vulnerability in NETGEAR RAX30 router firmware stems from the lack of proper verification of the length of user data before it is copied into a fixed-length stack buffer. This allows an attacker to execute arbitrary code in the context of the root user.

The vulnerability in NETGEAR RAX30 router firmware stems from the lack of proper verification of the length of user data before it is copied into a fixed-length stack buffer. Exploiting this vulnerability allows a remote attacker to execute arbitrary code in the root context using...

CVSS 7.7 · EPSS 0.00264
Exploits 0 · References 4 · Affected Software 1

Positive Technologies
added 2023/04/24 12:00 a.m. · 4 views

PT-2023-3300 · Tp Link · Tp-Link Archer Ax21

Name of the Vulnerable Software and Affected Versions: TP-Link Archer AX21 AX1800 (affected versions not specified)
Description: This issue allows remote attackers to gain access to LAN-side services on affected installations of TP-Link Archer AX21 routers. Authentication is not required t...

CVSS 9.8 · AI score 7.6 · EPSS 0.0184
Exploits 0 · References 6

OSV
added 2023/04/20 10:15 p.m. · 1 view

CVE-2023-27353

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Sonos One Speaker 70.3-35220. Authentication is not required to exploit this vulnerability. The specific flaw exists within the msprox endpoint. The issue results from the lack of...

CVSS 6.5 · AI score 6.1 · EPSS 0.00287
Exploits 0 · References 1

OSV
added 2023/04/20 10:15 p.m. · 3 views

CVE-2023-27352

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos One Speaker 70.3-35220. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the SMB directory query command. The issue...

CVSS 8.8 · AI score 7.8 · EPSS 0.00513
Exploits 0 · References 1

OSV
added 2023/04/20 9:15 p.m. · 2 views

CVE-2023-20864

VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root...

CVSS 9.8 · AI score 6.1
Exploits 0 · References 1

CNNVD
added 2023/04/20 12:00 a.m. · 2 views

VMware Aria Operations for Logs code issue vulnerability

VMware Aria Operations for Logs is a centralized log management solution from VMware. The product supports log organization and log analysis. A security vulnerability exists in VMware Aria Operations for Logs, which stems from a deserialization vulnerability that could be exploited by an attacker...

CVSS 9.8 · AI score 9.2 · EPSS 0.92984
Exploits 0 · References 3

Positive Technologies
added 2023/04/20 12:00 a.m. · 3 views

PT-2023-2388 · Vmware · Vmware Aria Operations For Logs

Name of the Vulnerable Software and Affected Versions: VMware Aria Operations for Logs (affected versions not specified)
Description: The issue is related to a deserialization vulnerability in VMware Aria Operations for Logs. An unauthenticated, malicious actor with network access to the system may...

CVSS 9.8 · AI score 9.5 · EPSS 0.92984
Exploits 0 · References 15

Positive Technologies
added 2023/04/14 12:00 a.m. · 2 views

PT-2023-21074 · Sonos · Sonos One Speaker

Name of the Vulnerable Software and Affected Versions: Sonos One Speaker version 70.3-35220
Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations. Authentication is not required to exploit this issue. The specific flaw exists within the...

CVSS 8.8 · AI score 8.9 · EPSS 0.00513
Exploits 0 · References 4

Positive Technologies
added 2023/04/14 12:00 a.m. · 2 views

PT-2023-21076 · Sonos · Sonos One Speaker

Name of the Vulnerable Software and Affected Versions: Sonos One Speaker version 70.3-35220
Description: This issue allows network-adjacent attackers to disclose sensitive information on affected installations. Authentication is not required to exploit this issue. The specific flaw exists within...

CVSS 6.5 · AI score 6.1 · EPSS 0.00287
Exploits 0 · References 5

OSV
added 2023/03/29 7:15 p.m. · 1 view

CVE-2022-43631

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

CVSS 6.8 · AI score 6.1 · EPSS 0.0126
Exploits 0 · References 2

OSV
added 2023/03/29 7:15 p.m. · 2 views

CVE-2022-43632

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

CVSS 6.8 · AI score 6.1 · EPSS 0.0126
Exploits 0 · References 2