CVE-2020-12830

Addressed multiple stack buffer overflow vulnerabilities that could allow an attacker to carry out escalation of privileges through unauthorized remote code execution in Western Digital My Cloud devices before 5.04.114...

Two Zero-Day Flaws Found in Ivanti Connect Secure and Policy Secure

Summary: The active exploitation of zero-day vulnerabilities CVE-2023-46805 and CVE-2024-21887 in Ivanti Connect Secure and Ivanti Policy Secure gateways presents a serious threat, allowing unauthorized remote code execution. The actor, recognized as the Chinese nation-state-level entity UTA0178,...

CVE-2022-34747

A format string vulnerability in Zyxel NAS326 firmware versions prior to V5.21AAZF.12C0 could allow an attacker to achieve unauthorized remote code execution via a crafted UDP packet...

CVE-2022-34747

The CVE-2022-34747 entry applies to Zyxel NAS326, NAS540, and NAS542 devices with firmware versions prior to V5.21(AAZF.12)C0. The root cause is a format-string vulnerability in UDP packet handling that could allow an attacker to achieve unauthorized remote code execution. Affected models include...

Cross site request forgery (csrf)

A security issue was found in EdgePower 24V/54V firmware v1.7.0 and earlier where, due to missing CSRF protections, an attacker would have been able to perform unauthorized remote code execution...

CVE-2020-12830

The CVE-2020-12830 entry concerns Western Digital My Cloud devices and the vulnerability is a stack buffer overflow in unspecified components that could allow an attacker to escalate privileges via unauthorized remote code execution. Affected software is My Cloud firmware prior to version 5.04.11...

CVE-2020-12830

Addressed multiple stack buffer overflow vulnerabilities that could allow an attacker to carry out escalation of privileges through unauthorized remote code execution in Western Digital My Cloud devices before 5.04.114...