Lucene search
K

8 matches found

NVD
NVD
added 2026/06/07 4:16 a.m.19 views

CVE-2026-11451

A flaw has been found in GL.iNet GL-MT3000 4.4.5. This impacts the function snprintf of the file /cgi-bin/glc of the component FTP Protocol Handler. Executing a manipulation of the argument mediadir can lead to command injection. It is possible to launch the attack remotely. Upgrading to version...

7.5CVSS0.02027EPSS
Exploits1References5
EUVD
EUVD
added 2026/06/07 3:15 a.m.14 views

EUVD-2026-34983

A vulnerability has been found in GL.iNet GL-MT3000 up to 4.4.5. Affected is the function FUN0042e200 of the file /cgi-bin/glc of the component SETUSERPWD Handler. The manipulation of the argument Password leads to command injection. The attack can be initiated remotely. Upgrading to version 4.8....

7.5CVSS6.8AI score0.01681EPSS
Exploits1References5
EUVD
EUVD
added 2026/06/07 2:15 a.m.12 views

EUVD-2026-34980

A security vulnerability has been detected in GL.iNet GL-MT3000 4.4.5. The impacted element is the function rpcsys of the file /cgi-bin/luci/rpc of the component LuCI JSON-RPC Interface. Such manipulation leads to command injection. The attack may be performed from remote. Upgrading to version...

6.5CVSS5.2AI score0.01102EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2026/04/16 12:0 a.m.16 views

Fedora: Security Advisory (FEDORA-2026-04d6f223e0)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS5.8AI score0.00324EPSS
Exploits0References3
Snyk
Snyk
added 2026/03/31 11:48 p.m.4 views

Improper Authentication

Overview Flask-HTTPAuth is a HTTP authentication for Flask routes Affected versions of this package are vulnerable to Improper Authentication in the token verification process. An attacker can gain unauthorized access by submitting a request with a missing or empty token if the application stores...

8.3CVSS5.7AI score0.00324EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/16 6:8 p.m.9 views

Security Bulletin: PyArrow vulnerability affecting IBM Watson Studio in Cloud Pak for Data (CVE-2023-47248)

Summary PyArrow vulnerability in Runtimes 22.2 and Runtimes 23.1 components impacting IBM Watson Studio in Cloud Pak for Data. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-47248 DESCRIPTION: Deserialization of untrusted data in IP...

9.8CVSS7.1AI score0.14414EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.12 views

EUVD-2025-28980

Malicious code in bioql PyPI...

6.5CVSS6.3AI score0.00376EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2025/09/11 4:51 p.m.13 views

Flask App Builder has an Authentication Bypass vulnerability when using non AUTH_DB methods

Impact When Flask-AppBuilder is configured to use OAuth, LDAP, or other non-database authentication methods, the password reset endpoint remains registered and accessible, despite not being displayed in the user interface. This allows an enabled user to reset their password and be able to create...

6.5CVSS7.2AI score0.00376EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder