Lucene search
K

20 matches found

EUVD
EUVD
added 2025/10/29 4:46 p.m.6 views

EUVD-2025-36676

Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.11.0, fimfetchattributesstate implementation does not check whether timestring is NULL or not before calling strlen on it. A compromised agent can cause a crash of analysisd by sending a...

6.9CVSS6.2AI score0.00372EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/10/29 12:0 a.m.4 views

Wazuh 代码问题漏洞

Wazuh is a Wazuh open source application. It is used to collect, aggregate, index and analyze security data to help organizations detect intrusions, threats and behavioral anomalies. A code issue vulnerability exists in Wazuh versions prior to 4.11.0 that stems from not checking if timestring is...

7.5CVSS6.8AI score0.00372EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2011-3784

Malware in sbrugna...

4.3CVSS6.2AI score0.03694EPSS
Exploits0References7
OSV
OSV
added 2025/06/24 5:14 p.m.7 views

CLSA-2025-1750785256 curl: Fix of CVE-2024-7264

CVE-2024-7264: fix out-of-bound read in GTime2str function...

6.5CVSS6.8AI score0.17301EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:22 a.m.8 views

CVE-2023-43204

D-LINK DWL-6610 FWv4.3.0.8B003C was discovered to contain a command injection vulnerability in the function sub2EF50. This vulnerability allows attackers to execute arbitrary commands via the manual-time-string parameter...

9.8CVSS8.7AI score0.0231EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2023/09/25 12:0 a.m.6 views

The vulnerability of the sub_2EF50() function in D-Link DWL-6610AP wireless access points allows a intruder to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the sub2EF50 function in D-Link DWL-6610AP wireless access points relates to the failure to eliminate special elements used in the operating system’s command for processing the manual-time-string parameter. Exploiting this vulnerability allows an attacker to compromise the...

10CVSS7.7AI score0.0231EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2023/09/20 2:15 p.m.12 views

CVE-2023-43204

D-LINK DWL-6610 FWv4.3.0.8B003C was discovered to contain a command injection vulnerability in the function sub2EF50. This vulnerability allows attackers to execute arbitrary commands via the manual-time-string parameter...

9.8CVSS10AI score0.0231EPSS
Exploits1References1
OSV
OSV
added 2023/09/20 2:15 p.m.4 views

CVE-2023-43204

D-LINK DWL-6610 FWv4.3.0.8B003C was discovered to contain a command injection vulnerability in the function sub2EF50. This vulnerability allows attackers to execute arbitrary commands via the manual-time-string parameter...

9.8CVSS6AI score0.0231EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2023/09/20 2:15 p.m.2 views

CVE-2023-43204

D-LINK DWL-6610 FWv4.3.0.8B003C was discovered to contain a command injection vulnerability in the function sub2EF50. This vulnerability allows attackers to execute arbitrary commands via the manual-time-string parameter...

9.8CVSS7.5AI score0.0231EPSS
Exploits1References2
Prion
Prion
added 2023/09/20 2:15 p.m.15 views

Command injection

D-LINK DWL-6610 FWv4.3.0.8B003C was discovered to contain a command injection vulnerability in the function sub2EF50. This vulnerability allows attackers to execute arbitrary commands via the manual-time-string parameter...

7.5CVSS9.9AI score0.0231EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2023/09/20 12:0 a.m.4 views

D-LINK DWL-6610 Command Injection Vulnerability

The D-Link DWL-6610 is a wireless access point from China-based D-Link. A security vulnerability exists in the D-LINK DWL-6610, which originates from a command injection vulnerability in the function sub2EF50. The vulnerability can be exploited to execute arbitrary commands via the...

9.8CVSS8.2AI score0.0231EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/09/20 12:0 a.m.12 views

CVE-2023-43204

D-LINK DWL-6610 FWv4.3.0.8B003C was discovered to contain a command injection vulnerability in the function sub2EF50. This vulnerability allows attackers to execute arbitrary commands via the manual-time-string parameter...

10AI score0.0231EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/09/20 12:0 a.m.11 views

CVE-2023-43204

D-LINK DWL-6610 FWv4.3.0.8B003C was discovered to contain a command injection vulnerability in the function sub2EF50. This vulnerability allows attackers to execute arbitrary commands via the manual-time-string parameter...

8.6AI score0.0231EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/07/10 12:0 a.m.5 views

PT-2023-5384 · D Link · D-Link Dwl-6610Ap

Name of the Vulnerable Software and Affected Versions: D-LINK DWL-6610 version FW v 4.3.0.8B003C Description: The issue is related to a command injection vulnerability in the sub 2EF50 function. This vulnerability allows attackers to execute arbitrary commands via the manual-time-string parameter...

9.8CVSS8.2AI score0.0231EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:49 a.m.4 views

SUSE CVE-2017-5838

The gstdatetimenewfromiso8601string function in gst/gstdatetime.c in GStreamer before 1.10.3 allows remote attackers to cause a denial of service out-of-bounds heap read via a malformed datetime string...

7.5CVSS6.9AI score0.04574EPSS
Exploits0References6
Veracode
Veracode
added 2019/06/21 4:33 a.m.27 views

Information Disclosure Through Timing Attack

actionpack and activesupport is vulnerable to information disclosure. The vulnerability exists as timing attack was possible through the lack of constant time string comparison made for the message digest, causing information disclosure...

5CVSS5.6AI score0.02232EPSS
Exploits1References9Affected Software2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.24 views

Novell iPrint Client ActiveX Control Date/Time Buffer Overflow

No description provided by source. $Id: novelliprintdatetime.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and term...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2014/04/17 12:0 a.m.77 views

SAP Router - Timing Attack Password Disclosure

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ SAP Router Password Timing Attack 1. Advisory Information Title: SAP Router Password Timing Attack Advisory ID: CORE-2014-0003 Advisory URL: http://www.coresecurity.com/advisories/sap-router-password-timing-attack Date published:...

4.3CVSS6.9AI score0.02818EPSS
Exploits5
NVD
NVD
added 2012/09/19 10:57 a.m.31 views

CVE-2011-3827

The iCalendar component in gwwww1.dll in GroupWise Internet Agent GWIA in Novell GroupWise 8.0 before Support Pack 3 allows remote attackers to cause a denial of service out-of-bounds read and daemon crash via a crafted date-time string in a .ics attachment...

4.3CVSS6.4AI score0.03694EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2012/08/02 12:0 a.m.17 views

Citrix Provisioning Services SoapServer Buffer Overflow Vulnerability

This host is installed with Citrix Provisioning Services and is prone to buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: gbcitrixprovisioningservicessoapserverbofvuln.nasl 5956 2017-04-14 09:02:12Z teissa $ Citrix Provisioning Services SoapServer Buffer Overflow Vulnerability...

7.5CVSS0.8AI score0.04536EPSS
Exploits0References3
Rows per page
Query Builder