CVE-2023-31996

Hanwha IP Camera ANE-L7012R 1.41.01 is vulnerable to Command Injection due to improper sanitization of special characters for the NAS storage test function...

Exploit for Command Injection in Sophos Web_Appliance

Сve-2023-1671 How does cve-2023-1671https://vulners.com/c...

kernel: iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE)

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: avoid invalid memory access via nodeonlineNUMANONODE KASAN reports: 4.668325 T0 BUG: KASAN: wild-memory-access in dmarparseonerhsa arch/x86/include/asm/bitops.h:214 arch/x86/include/asm/bitops.h:226...

CVE-2022-47071

In NVS365 V01, the background network test function can trigger command execution...

NVS365 安全漏洞

NVS365 is a network video server from NVS365. A security vulnerability exists in NVS365 version V01, which stems from a command execution that can be triggered by the background network test function...

IsWrappedFcash check is a gas bomb

Lines of code Vulnerability details Impact In the isWrappedFCash check, the notionalTradeModule check whether the component is a wrappedCash with the following logic. try IWrappedfCashfCashPosition.getDecodedID returnsuint16 currencyId, uint40 maturity try...

CVE-2022-29855

Mitel 6800 and 6900 Series SIP phone devices through 2022-04-27 have "undocumented functionality." A vulnerability in Mitel 6800 Series and 6900 Series SIP phones excluding 6970, versions 5.1 SP8 5.1.0.8016 and earlier, and 6.0 6.0.0.368 through 6.1 HF4 6.1.0.165, could allow a unauthenticated...

CVE-2021-41590

In Gradle Enterprise through 2021.3, probing of the server-side network environment can occur via an SMTP configuration test. The installation configuration user interface available to administrators allows testing the configured SMTP server settings. This test function can be used to identify th...

PT-2021-19617 · Axis Communications +1 · Axis Os +3

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a user-controlled parameter in the SMTP test functionality that is not correctly validated. This allows an attacker to add...

GitLab CE and EE Cross-Site Request Forgery Vulnerability

GitLab is a set of Ruby on Rails development of open source applications , can be realized as a self-hosted Git version control system project repository , which has a similar function to Github , you can check the project's file content , the history of commits , the list of bugs , etc. System...

Mozilla: Type confusion in display transformation (MFSA 2016-78)

The nsDisplayList::HitTest function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 mishandles rendering display transformation, which allows remote attackers to execute arbitrary code via a crafted web site that leverages "type confusion."...

Stack overflow

Stack-based buffer overflow in BKFSimvhfd.exe in Yokogawa CENTUM CS 1000, CENTUM CS 3000 R3.09.50 and earlier, CENTUM VP R5.03.20 and earlier, Exaopc R3.72.00 and earlier, B/M9000CS R5.05.01 and earlier, and B/M9000 VP R7.03.01 and earlier, when FCS/Test Function is enabled, allows remote attacke...

dns-update NSE Script

Attempts to perform a dynamic DNS update without authentication. Either the test or both the hostname and ip script arguments are required. Note that the test function will probably fail due to using a static zone name that is not the zone configured on your target. Script Arguments dns-update.te...

intval()is used improperly cause a security vulnerability analysis-vulnerability warning-the black bar safety net

author: xy780sec.com from: A description of the classification intval function has two characteristics:"until the encounter on the numbers or the positive and negative symbols before starting to do the conversion, and then encounter non-numeric or string at the end\0end of conversion",in certain...

Posible security bug in phpMyWebhosting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi all. There is a posible security bug in the phpMyWebhosting http://sourceforge.net/projects/phpmywebhosting/ File: includes/functions/pmwh.php Function: test Code: - ------------------------------------------------------------------------ ...... if...