15 matches found
CVE-2026-26793
GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a command injection vulnerability via the setconfig function. This vulnerability allows attackers to execute arbitrary commands via a crafted input...
CVE-2026-26793
GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a command injection vulnerability via the setconfig function. This vulnerability allows attackers to execute arbitrary commands via a crafted input...
CVE-2026-26793
GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a command injection vulnerability via the setconfig function. This vulnerability allows attackers to execute arbitrary commands via a crafted input...
CVE-2026-26793
GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a command injection vulnerability via the setconfig function. This vulnerability allows attackers to execute arbitrary commands via a crafted input...
CVE-2026-26793
GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a command injection vulnerability via the setconfig function. This vulnerability allows attackers to execute arbitrary commands via a crafted input...
CVE-2026-26793
GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a command injection vulnerability via the setconfig function. This vulnerability allows attackers to execute arbitrary commands via a crafted input...
GL-iNet GL-AR300M16 安全漏洞
GL-iNet GL-AR300M16 is a portable mini router produced by the Chinese company GL-iNet. The GL-iNet GL-AR300M16 v4.3.11 version contains a security vulnerability. This vulnerability stems from a command injection vulnerability in the setconfig function, which may allow for the execution of arbitra...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002741)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002741 advisory. The xc2028setconfig function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service...
CVE-2022-20147
In nfadmchecksetconfig of nfadmmain.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10...
CVE-2021-41558
The setuser extension module before 3.0.0 for PostgreSQL allows ProcessUtilityhook bypass via setconfig...
CVE-2021-41558
The CVE-2021-41558 entry concerns the set_user extension module for PostgreSQL, affected in versions before 3.0.0. The root cause is a bypass of the ProcessUtility_hook via set_config, enabling an unintended execution path. The vulnerability is described as allowing a bypass with potential elevat...
PostgreSQL 处理逻辑错误漏洞
PostgreSQL is a free object-relational database management system organized by Postgresql. The system supports most of the SQL standards and provides many other features such as foreign keys, triggers, views, and more. A Processing Logic Error vulnerability exists in PostgreSQL, which stems from ...
Cross site scripting
Stored XSS in Serendipity v2.1-rc1 allows an attacker to steal an admin's cookie and other information by composing a new entry as an editor user. This is related to lack of the serendipityeventxsstrust plugin and a setconfig error in that plugin...
CVE-2017-8102
Stored XSS in Serendipity v2.1-rc1 allows an attacker to steal an admin’s cookie and other information by crafting a new entry as an editor user. The root cause is related to the absence of the serendipity_event_xsstrust plugin and a set_config error in that plugin. No explicit remediation is pro...
CVE-2017-8102
Stored XSS in Serendipity v2.1-rc1 allows an attacker to steal an admin's cookie and other information by composing a new entry as an editor user. This is related to lack of the serendipityeventxsstrust plugin and a setconfig error in that plugin...