Lucene search
K

323 matches found

Positive Technologies
Positive Technologies
added 2024/08/15 12:0 a.m.7 views

PT-2024-26149 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android affected versions not specified Description: A logic error in the code of shouldRestrictOverlayActivities in UsbProfileGroupSettingsManager.java could lead to a possible escape from SUW, resulting in local escalation of privilege with...

7.8CVSS7AI score0.00189EPSS
Exploits0References5
Citrix
Citrix
added 2024/07/13 12:0 a.m.15 views

Vdisk shows “No Server” for size in the PVS Console

When viewing a vdisk in the PVS Console the size will show as "No Server". The following error also appears when using XenDesktop Setup Wizard: A required PVS server in the selected site is offline or there is no server assigned to a required store...

6.9AI score
Exploits0
Citrix
Citrix
added 2024/07/13 12:0 a.m.6 views

Cannot Connect to vCenter Through the Streamed VM Setup Wizard to Create VMs

Cannot connect to vCenter throughthe Streamed VM Setup Wizard in order to create Virtual Machines VMs...

7AI score
Exploits0
Positive Technologies
Positive Technologies
added 2024/05/10 12:0 a.m.6 views

PT-2024-3753 · D Link · D-Link Dir-619L

Name of the Vulnerable Software and Affected Versions: D-Link DIR-619L versions 2.06B1 Description: The issue is related to a buffer overflow in the formWlanSetup Wizard function of the D-Link DIR-619L router's firmware. This can be exploited by a remote attacker to cause a denial of service usin...

6.5CVSS7.5AI score0.01034EPSS
Exploits1References5
OSV
OSV
added 2024/05/07 5:15 a.m.4 views

CVE-2024-20866

Authentication bypass vulnerability in Setupwizard prior to SMR May-2024 Release 1 allows physical attackers to skip activation step...

6.6CVSS5.8AI score
Exploits0References1
OSV
OSV
added 2024/05/03 3:15 a.m.3 views

CVE-2023-41201

D-Link DAP-1325 HNAP SetSetupWizardStatus Enabled Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerabilit...

8.8CVSS6.2AI score
Exploits0References2
CNNVD
CNNVD
added 2024/05/03 12:0 a.m.6 views

D-Link DAP-1325 安全漏洞

The D-Link DAP-1325 is a wireless access point/bridge from China's AUO D-Link that is primarily used to provide wireless network coverage and has a bridging feature that can convert a wired network to a wireless network or connect two wireless networks together. A security vulnerability exists in...

8.8CVSS9.3AI score0.0075EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/04/25 8:39 a.m.16 views

CVE-2024-25917 WordPress WP Setup Wizard plugin <= 1.0.8.1 - Auth. Full Database Download Vulnerability

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in CodeRevolution WP Setup Wizard.This issue affects WP Setup Wizard: from n/a through 1.0.8.1...

8.8CVSS6.8AI score0.00644EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/04/25 12:0 a.m.2 views

WordPress plugin WP Setup Wizard 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. An information disclosure...

8.8CVSS8AI score0.00644EPSS
Exploits0References2
Prion
Prion
added 2024/02/29 1:43 a.m.22 views

Design/Logic Flaw

The Directorist – WordPress Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'setupwizard' function in all versions up to, and including, 7.8.4. This makes it possible for...

5CVSS6.9AI score0.00524EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/02/20 6:56 p.m.27 views

CVE-2024-1322 Directorist <= 7.8.4 - Missing Authorization to Unauthenticated Settings Change

The Directorist – WordPress Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'setupwizard' function in all versions up to, and including, 7.8.4. This makes it possible for...

5.3CVSS5.3AI score0.00524EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/02/20 6:56 p.m.12 views

CVE-2024-1322 Directorist <= 7.8.4 - Missing Authorization to Unauthenticated Settings Change

The Directorist – WordPress Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'setupwizard' function in all versions up to, and including, 7.8.4. This makes it possible for...

5.3CVSS6.7AI score0.00524EPSS
Exploits0References3
WPVulnDB
WPVulnDB
added 2024/02/20 12:0 a.m.24 views

WP Setup Wizard < 1.0.8.2 - Authenticated (Subscriber+) Full Database Download

Description The WP Setup Wizard plugin for WordPress is vulnerable to unauthorized access of datadue to a missing capability check in all versions up to, and including, 1.0.8.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to download the entire...

6.5CVSS6.3AI score0.00644EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/02/20 12:0 a.m.6 views

PT-2024-17942 · WordPress · The Directorist: Ai-Powered Wordpress Business Directory Plugin With Classified Ads Listings

Name of the Vulnerable Software and Affected Versions: The Directorist – WordPress Business Directory Plugin with Classified Ads Listings plugin for WordPress versions up to, and including, 7.8.4 Description: The issue allows unauthorized modification of data due to a missing capability check on...

5.3CVSS6.1AI score0.00524EPSS
Exploits0References7
Patchstack
Patchstack
added 2024/02/14 12:0 a.m.10 views

WordPress WP Setup Wizard Plugin <= 1.0.8.1 is vulnerable to Sensitive Data Exposure

Software WP Setup Wizard Type Plugin Vulnerable versions = 1.0.8.1 Fixed in 1.0.8.2 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2024-25917 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 5a05aed5e6cb Credits Dave Jong Patchstack...

8.8CVSS6.5AI score0.00644EPSS
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/03 12:0 a.m.10 views

The vulnerability of the /goform/formEasySetupWizard3 component of the D-Link N300 WI-Fi Router DIR-605L wireless access point software allows a attacker to cause a service failure or execute arbitrary code.

The vulnerability of the /goform/formEasySetupWizard3 component of the D-Link N300 WI-Fi Router DIR-605L wireless access point lies in the ability to write data beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service interruptions or execute...

9CVSS8.2AI score0.01192EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2023/10/30 6:15 p.m.20 views

CVE-2023-21397

In Setup Wizard, there is a possible way to save a WiFi network due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.8AI score0.001EPSS
Exploits0References1
OSV
OSV
added 2023/10/30 6:15 p.m.3 views

CVE-2023-21397

In Setup Wizard, there is a possible way to save a WiFi network due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.9AI score0.001EPSS
Exploits0References1
Prion
Prion
added 2023/10/30 6:15 p.m.18 views

Default configuration

In Setup Wizard, there is a possible way to save a WiFi network due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

4.3CVSS8.2AI score0.001EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/30 5:1 p.m.15 views

CVE-2023-21397

In Setup Wizard, there is a possible way to save a WiFi network due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.4AI score0.001EPSS
Exploits0References1
Rows per page
Query Builder