8 matches found
EUVD-2024-29276
Malicious code in bioql PyPI...
CVE-2025-3759
Endpoint /cgi-bin-igd/netcoreset.cgi which is used for changing device configuration is accessible without authentication. This poses a significant security threat allowing for e.g: administrator account hijacking or AP password changing. The vendor was contacted early about this disclosure but d...
CVE-2024-11488 115cms web_user.html cross site scripting
A vulnerability was found in 115cms up to 20240807 and classified as problematic. This issue affects some unknown processing of the file /app/admin/view/webuser.html. The manipulation of the argument ks leads to cross site scripting. The attack may be initiated remotely. The exploit has been...
CVE-2024-10596
A vulnerability was found in ESAFENET CDG 5. It has been rated as critical. Affected by this issue is the function delEntryptPolicySort of the file /com/esafenet/servlet/system/EncryptPolicyTypeService.java. The manipulation of the argument id leads to sql injection. The attack may be launched...
CVE-2024-10279 ESAFENET CDG PrintPolicyService.java sql injection
A vulnerability was found in ESAFENET CDG 5. It has been declared as critical. This vulnerability affects unknown code of the file /com/esafenet/servlet/policy/PrintPolicyService.java. The manipulation of the argument policyId leads to sql injection. The attack can be initiated remotely. The...
CVE-2024-8576
A vulnerability was found in TOTOLINK AC1200 T8 and AC1200 T10 4.1.5cu.861B20230220/4.1.8cu.5207. It has been classified as critical. Affected is the function setIpPortFilterRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument desc leads to buffer overflow. It is possible to...
CVE-2024-3203
The CVE-2024-3203 issue affects c-blosc2 up to 2.13.2, where the ndlz8_decompress function in /src/c-blosc2/plugins/codecs/ndlz/ndlz8x8.c enables a heap-based buffer overflow that can be triggered remotely. Upgrading to version 2.14.3 addresses the vulnerability. The exploitation details are desc...
Buffalo Linkstation Privilege Escalation / Information Disclosure
Release Date. 30-Nov-2012 Last Update. - Vendor Notification Date. 23.Dec.2011 Product. Linkstation & Others Platform. Buffalo Technology Affected versions. Including Actual Version Severity Rating. Medium Impact. Privilege escalation, Information Disclosure Attack Vector. From remote Solution...