323 matches found
PT-2024-26149 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android affected versions not specified Description: A logic error in the code of shouldRestrictOverlayActivities in UsbProfileGroupSettingsManager.java could lead to a possible escape from SUW, resulting in local escalation of privilege with...
Vdisk shows “No Server” for size in the PVS Console
When viewing a vdisk in the PVS Console the size will show as "No Server". The following error also appears when using XenDesktop Setup Wizard: A required PVS server in the selected site is offline or there is no server assigned to a required store...
Cannot Connect to vCenter Through the Streamed VM Setup Wizard to Create VMs
Cannot connect to vCenter throughthe Streamed VM Setup Wizard in order to create Virtual Machines VMs...
PT-2024-3753 · D Link · D-Link Dir-619L
Name of the Vulnerable Software and Affected Versions: D-Link DIR-619L versions 2.06B1 Description: The issue is related to a buffer overflow in the formWlanSetup Wizard function of the D-Link DIR-619L router's firmware. This can be exploited by a remote attacker to cause a denial of service usin...
CVE-2024-20866
Authentication bypass vulnerability in Setupwizard prior to SMR May-2024 Release 1 allows physical attackers to skip activation step...
CVE-2023-41201
D-Link DAP-1325 HNAP SetSetupWizardStatus Enabled Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerabilit...
D-Link DAP-1325 安全漏洞
The D-Link DAP-1325 is a wireless access point/bridge from China's AUO D-Link that is primarily used to provide wireless network coverage and has a bridging feature that can convert a wired network to a wireless network or connect two wireless networks together. A security vulnerability exists in...
CVE-2024-25917 WordPress WP Setup Wizard plugin <= 1.0.8.1 - Auth. Full Database Download Vulnerability
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in CodeRevolution WP Setup Wizard.This issue affects WP Setup Wizard: from n/a through 1.0.8.1...
WordPress plugin WP Setup Wizard 信息泄露漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. An information disclosure...
Design/Logic Flaw
The Directorist – WordPress Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'setupwizard' function in all versions up to, and including, 7.8.4. This makes it possible for...
CVE-2024-1322 Directorist <= 7.8.4 - Missing Authorization to Unauthenticated Settings Change
The Directorist – WordPress Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'setupwizard' function in all versions up to, and including, 7.8.4. This makes it possible for...
CVE-2024-1322 Directorist <= 7.8.4 - Missing Authorization to Unauthenticated Settings Change
The Directorist – WordPress Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'setupwizard' function in all versions up to, and including, 7.8.4. This makes it possible for...
WP Setup Wizard < 1.0.8.2 - Authenticated (Subscriber+) Full Database Download
Description The WP Setup Wizard plugin for WordPress is vulnerable to unauthorized access of datadue to a missing capability check in all versions up to, and including, 1.0.8.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to download the entire...
PT-2024-17942 · WordPress · The Directorist: Ai-Powered Wordpress Business Directory Plugin With Classified Ads Listings
Name of the Vulnerable Software and Affected Versions: The Directorist – WordPress Business Directory Plugin with Classified Ads Listings plugin for WordPress versions up to, and including, 7.8.4 Description: The issue allows unauthorized modification of data due to a missing capability check on...
WordPress WP Setup Wizard Plugin <= 1.0.8.1 is vulnerable to Sensitive Data Exposure
Software WP Setup Wizard Type Plugin Vulnerable versions = 1.0.8.1 Fixed in 1.0.8.2 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2024-25917 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 5a05aed5e6cb Credits Dave Jong Patchstack...
The vulnerability of the /goform/formEasySetupWizard3 component of the D-Link N300 WI-Fi Router DIR-605L wireless access point software allows a attacker to cause a service failure or execute arbitrary code.
The vulnerability of the /goform/formEasySetupWizard3 component of the D-Link N300 WI-Fi Router DIR-605L wireless access point lies in the ability to write data beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service interruptions or execute...
CVE-2023-21397
In Setup Wizard, there is a possible way to save a WiFi network due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21397
In Setup Wizard, there is a possible way to save a WiFi network due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Default configuration
In Setup Wizard, there is a possible way to save a WiFi network due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21397
In Setup Wizard, there is a possible way to save a WiFi network due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...