Lucene search
K

306 matches found

Cvelist
Cvelist
added 2024/05/03 1:57 a.m.43 views

CVE-2023-34276 D-Link DIR-2150 SetTriggerPPPoEValidate Username Command Injection Remote Code Execution Vulnerability

D-Link DIR-2150 SetTriggerPPPoEValidate Username Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Although authentication is required to exploit this...

6.8CVSS7.5AI score0.0176EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/03 1:57 a.m.49 views

CVE-2023-34275 D-Link DIR-2150 SetNTPServerSettings Command Injection Remote Code Execution Vulnerability

D-Link DIR-2150 SetNTPServerSettings Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Although authentication is required to exploit this vulnerability, the...

6.8CVSS7.5AI score0.0176EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/04/09 12:0 a.m.24 views

Arista NG Firewall ReportEntry SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. Authentication is required to exploit this vulnerability. The specific flaw exists within the ReportEntry class. The issue results from the lack of proper validation of a...

8.8CVSS8.1AI score0.08794EPSS
Exploits0References1
OSV
OSV
added 2024/04/02 12:30 a.m.17 views

GHSA-626R-CJ47-P49G Centreon insertGraphTemplate SQL Injection Remote Code Execution Vulnerability

Centreon insertGraphTemplate SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the...

8.8CVSS9.2AI score0.01371EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2024/04/02 12:30 a.m.25 views

Centreon updateContactHostCommands SQL Injection Remote Code Execution Vulnerability

Centreon updateContactHostCommands SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the...

7.2CVSS9AI score0.53411EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2024/04/02 12:30 a.m.19 views

Centreon insertGraphTemplate SQL Injection Remote Code Execution Vulnerability

Centreon insertGraphTemplate SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the...

8.8CVSS9AI score0.01371EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2024/04/02 12:30 a.m.28 views

Centreon updateLCARelation SQL Injection Remote Code Execution Vulnerability

Centreon updateLCARelation SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the updateLCARelation...

7.2CVSS9AI score0.53411EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2024/04/01 10:15 p.m.21 views

CVE-2024-23119

Centreon insertGraphTemplate SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the...

8.8CVSS9.2AI score0.01371EPSS
Exploits0References1
NVD
NVD
added 2024/04/01 10:15 p.m.22 views

CVE-2024-1863

Sante PACS Server Token Endpoint SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante PACS Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within th...

9.8CVSS10AI score0.01134EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/01 9:48 p.m.11 views

CVE-2024-23119 Centreon insertGraphTemplate SQL Injection Remote Code Execution Vulnerability

Centreon insertGraphTemplate SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the...

8.8CVSS8.6AI score0.01371EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/01 9:47 p.m.25 views

CVE-2024-23117 Centreon updateContactServiceCommands SQL Injection Remote Code Execution Vulnerability

Centreon updateContactServiceCommands SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the...

7.2CVSS7.8AI score0.53411EPSS
Exploits0References1
CVE
CVE
added 2024/04/01 9:47 p.m.68 views

CVE-2024-23117

CVE-2024-23117 concerns Centreon: the vulnerability is in the updateContactServiceCommands function where user-supplied input is not properly validated before being used to build SQL queries. This leads to a SQL Injection that can execute arbitrary code in the context of the Centreon service acco...

7.2CVSS7.5AI score0.53411EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/04/01 9:45 p.m.31 views

CVE-2024-0637 Centreon updateDirectory SQL Injection Remote Code Execution Vulnerability

Centreon updateDirectory SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the updateDirectory...

8.8CVSS9.4AI score0.72319EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/02/15 12:0 a.m.21 views

SolarWinds Orion Platform AppendUpdate SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Orion Platform. Authentication is required to exploit this vulnerability. The specific flaw exists within the AppendUpdate method. The issue results from the lack of proper validation of a...

8.8CVSS8.1AI score0.01578EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/02/09 12:0 a.m.21 views

Centreon updateLCARelation SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the updateLCARelation function. The issue results from the lack of proper validation of a...

7.2CVSS8.1AI score0.53411EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/02/09 12:0 a.m.18 views

Centreon updateContactHostCommands SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the updateContactHostCommands function. The issue results from the lack of proper validation of a...

7.2CVSS8.1AI score0.53411EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/02/09 12:0 a.m.19 views

Centreon updateContactServiceCommands SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the updateContactServiceCommands function. The issue results from the lack of proper validation of ...

7.2CVSS8.1AI score0.53411EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/01/11 12:0 a.m.23 views

D-Link DIR-X3260 prog.cgi SetSysEmailSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd...

6.8CVSS7.5AI score0.01126EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/01/11 12:0 a.m.27 views

D-Link DIR-X3260 prog.cgi SetWanSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd...

6.8CVSS7.5AI score0.01126EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/01/11 12:0 a.m.20 views

D-Link DIR-X3260 prog.cgi SetAPClientSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd...

6.8CVSS7.5AI score0.01126EPSS
Exploits0References1
Rows per page
Query Builder