Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

746 matches found

NVD
NVDadded 2024/05/03 2:15 a.m.11 views

CVE-2023-35725

D-Link DAP-2622 DDP User Verification Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...

8.8CVSS9.1AI score0.02203EPSS
Exploits0References2
NVD
NVDadded 2024/05/03 2:15 a.m.17 views

CVE-2023-35727

D-Link DAP-2622 DDP Reboot Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...

8.8CVSS9.1AI score0.01855EPSS
Exploits0References2
NVD
NVDadded 2024/05/03 2:15 a.m.11 views

CVE-2023-35718

D-Link DAP-2622 DDP Change ID Password Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...

8.8CVSS9.1AI score0.02285EPSS
Exploits0References2
NVD
NVDadded 2024/05/03 2:15 a.m.13 views

CVE-2023-34279

D-Link DIR-2150 GetDeviceSettings Target Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Authentication is not required to exploit this vulnerability. The...

8.8CVSS7.2AI score0.00722EPSS
Exploits0References1
NVD
NVDadded 2024/05/03 2:15 a.m.13 views

CVE-2023-34277

D-Link DIR-2150 SetSysEmailSettings AccountName Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Although authentication is required to exploit this...

8CVSS7.2AI score0.00184EPSS
Exploits0References1
NVD
NVDadded 2024/05/03 2:15 a.m.15 views

CVE-2023-34278

D-Link DIR-2150 SetSysEmailSettings EmailFrom Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Although authentication is required to exploit this...

8CVSS7.2AI score0.00184EPSS
Exploits0References1
NVD
NVDadded 2024/05/03 2:15 a.m.11 views

CVE-2023-34276

D-Link DIR-2150 SetTriggerPPPoEValidate Username Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Although authentication is required to exploit this...

8CVSS7.2AI score0.00184EPSS
Exploits0References1
CVE
CVEadded 2024/05/03 2:15 a.m.86 views

CVE-2023-51596

CVE-2023-51596 refers to a heap-based buffer overflow in BlueZ’s Phone Book Access Profile that can lead to remote code execution with root privileges after a device connection to a malicious Bluetooth device. The flaw arises from improper validation of user-supplied data length before copying in...

7.1CVSS7.3AI score0.03489EPSS
Exploits0References1Affected Software1
NVD
NVDadded 2024/05/03 2:15 a.m.15 views

CVE-2023-32153

D-Link DIR-2640 EmailFrom Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Although authentication is required to exploit this vulnerability, the existing...

6.8CVSS7.2AI score0.00708EPSS
Exploits0References2
Cvelist
Cvelistadded 2024/05/03 2:15 a.m.19 views

CVE-2023-51589 BlueZ Audio Profile AVRCP parse_media_element Out-Of-Bounds Read Information Disclosure Vulnerability

BlueZ Audio Profile AVRCP parsemediaelement Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability ...

5.4CVSS5.8AI score0.0004EPSS
Exploits0References1
NVD
NVDadded 2024/05/03 2:15 a.m.13 views

CVE-2023-32147

D-Link DIR-2640 LocalIPAddress Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Although authentication is required to exploit this vulnerability, the existin...

6.8CVSS7.2AI score0.00299EPSS
Exploits0References2
OSV
OSVadded 2024/05/03 2:15 a.m.2 views

CVE-2023-27360

NETGEAR RAX30 lighttpd Misconfiguration Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

8.8CVSS6.3AI score0.00056EPSS
Exploits0References2
NVD
NVDadded 2024/05/03 2:15 a.m.9 views

CVE-2023-27356

NETGEAR RAX30 logCtrl Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Although authentication is required to exploit this vulnerability, the existing...

8CVSS7.2AI score0.00293EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2024/05/03 2:15 a.m.1 views

CVE-2023-27335

Softing edgeAggregator Client Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing edgeAggregator. User interaction is required to exploit this vulnerability in that the target must visi...

9.6CVSS7.1AI score0.0055EPSS
Exploits0References2Affected Software1
NVD
NVDadded 2024/05/03 2:15 a.m.12 views

CVE-2023-27322

Parallels Desktop Service Improper Initialization Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host...

7.8CVSS7.9AI score0.00141EPSS
Exploits0References2
UbuntuCve
UbuntuCveadded 2024/05/03 2:15 a.m.16 views

CVE-2023-27349

BlueZ Audio Profile AVRCP Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the...

8CVSS7.4AI score0.0307EPSS
Exploits0References3
Debian CVE
Debian CVEadded 2024/05/03 2:14 a.m.21 views

CVE-2023-50229

BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must...

8CVSS7.5AI score0.03586EPSS
Exploits0
Vulnrichment
Vulnrichmentadded 2024/05/03 2:14 a.m.18 views

CVE-2023-50225 TP-Link TL-WR902AC dm_fillObjByStr Stack-based Buffer Overflow Remote Code Execution Vulnerability

TP-Link TL-WR902AC dmfillObjByStr Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR902AC routers. Authentication is required to exploit this vulnerability. The...

6.8CVSS7.2AI score0.00872EPSS
Exploits0References2
CVE
CVEadded 2024/05/03 2:14 a.m.57 views

CVE-2023-50225

CVE-2023-50225 affects TP-Link TL-WR902AC. The vulnerability is a stack-based buffer overflow in libcmm.so caused by improper validation of the length of user-supplied data, allowing network-adjacent attackers to execute code with root privileges. Exploitation requires authentication and is descr...

6.8CVSS7.1AI score0.00872EPSS
Exploits0References2Affected Software1
CVE
CVEadded 2024/05/03 2:14 a.m.59 views

CVE-2023-50217

CVE-2023-50217 affects D-Link G416 routers. The flaw allows network-adjacent attackers to achieve root-level command injection through the HTTP service (port 80) due to improper validation of a user-supplied string before executing a system call. The issue enables arbitrary code execution in the ...

8.8CVSS9.1AI score0.02451EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder