20 matches found
EUVD-2025-36676
Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.11.0, fimfetchattributesstate implementation does not check whether timestring is NULL or not before calling strlen on it. A compromised agent can cause a crash of analysisd by sending a...
Wazuh 代码问题漏洞
Wazuh is a Wazuh open source application. It is used to collect, aggregate, index and analyze security data to help organizations detect intrusions, threats and behavioral anomalies. A code issue vulnerability exists in Wazuh versions prior to 4.11.0 that stems from not checking if timestring is...
EUVD-2011-3784
Malware in sbrugna...
CLSA-2025-1750785256 curl: Fix of CVE-2024-7264
CVE-2024-7264: fix out-of-bound read in GTime2str function...
CVE-2023-43204
D-LINK DWL-6610 FWv4.3.0.8B003C was discovered to contain a command injection vulnerability in the function sub2EF50. This vulnerability allows attackers to execute arbitrary commands via the manual-time-string parameter...
The vulnerability of the sub_2EF50() function in D-Link DWL-6610AP wireless access points allows a intruder to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the sub2EF50 function in D-Link DWL-6610AP wireless access points relates to the failure to eliminate special elements used in the operating system’s command for processing the manual-time-string parameter. Exploiting this vulnerability allows an attacker to compromise the...
CVE-2023-43204
D-LINK DWL-6610 FWv4.3.0.8B003C was discovered to contain a command injection vulnerability in the function sub2EF50. This vulnerability allows attackers to execute arbitrary commands via the manual-time-string parameter...
CVE-2023-43204
D-LINK DWL-6610 FWv4.3.0.8B003C was discovered to contain a command injection vulnerability in the function sub2EF50. This vulnerability allows attackers to execute arbitrary commands via the manual-time-string parameter...
CVE-2023-43204
D-LINK DWL-6610 FWv4.3.0.8B003C was discovered to contain a command injection vulnerability in the function sub2EF50. This vulnerability allows attackers to execute arbitrary commands via the manual-time-string parameter...
Command injection
D-LINK DWL-6610 FWv4.3.0.8B003C was discovered to contain a command injection vulnerability in the function sub2EF50. This vulnerability allows attackers to execute arbitrary commands via the manual-time-string parameter...
D-LINK DWL-6610 Command Injection Vulnerability
The D-Link DWL-6610 is a wireless access point from China-based D-Link. A security vulnerability exists in the D-LINK DWL-6610, which originates from a command injection vulnerability in the function sub2EF50. The vulnerability can be exploited to execute arbitrary commands via the...
CVE-2023-43204
D-LINK DWL-6610 FWv4.3.0.8B003C was discovered to contain a command injection vulnerability in the function sub2EF50. This vulnerability allows attackers to execute arbitrary commands via the manual-time-string parameter...
CVE-2023-43204
D-LINK DWL-6610 FWv4.3.0.8B003C was discovered to contain a command injection vulnerability in the function sub2EF50. This vulnerability allows attackers to execute arbitrary commands via the manual-time-string parameter...
PT-2023-5384 · D Link · D-Link Dwl-6610Ap
Name of the Vulnerable Software and Affected Versions: D-LINK DWL-6610 version FW v 4.3.0.8B003C Description: The issue is related to a command injection vulnerability in the sub 2EF50 function. This vulnerability allows attackers to execute arbitrary commands via the manual-time-string parameter...
SUSE CVE-2017-5838
The gstdatetimenewfromiso8601string function in gst/gstdatetime.c in GStreamer before 1.10.3 allows remote attackers to cause a denial of service out-of-bounds heap read via a malformed datetime string...
Information Disclosure Through Timing Attack
actionpack and activesupport is vulnerable to information disclosure. The vulnerability exists as timing attack was possible through the lack of constant time string comparison made for the message digest, causing information disclosure...
Novell iPrint Client ActiveX Control Date/Time Buffer Overflow
No description provided by source. $Id: novelliprintdatetime.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and term...
SAP Router - Timing Attack Password Disclosure
Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ SAP Router Password Timing Attack 1. Advisory Information Title: SAP Router Password Timing Attack Advisory ID: CORE-2014-0003 Advisory URL: http://www.coresecurity.com/advisories/sap-router-password-timing-attack Date published:...
CVE-2011-3827
The iCalendar component in gwwww1.dll in GroupWise Internet Agent GWIA in Novell GroupWise 8.0 before Support Pack 3 allows remote attackers to cause a denial of service out-of-bounds read and daemon crash via a crafted date-time string in a .ics attachment...
Citrix Provisioning Services SoapServer Buffer Overflow Vulnerability
This host is installed with Citrix Provisioning Services and is prone to buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: gbcitrixprovisioningservicessoapserverbofvuln.nasl 5956 2017-04-14 09:02:12Z teissa $ Citrix Provisioning Services SoapServer Buffer Overflow Vulnerability...