
14 matches found

EUVD
added 2026/04/28 2:6 a.m. · 6 views

EUVD-2026-25970

A post-authentication command injection vulnerability in the “DomainName” parameter of the DHCP configuration file in Zyxel DX3301-T0 and EX3301-T0 firmware versions through 5.50ABVY.7.1C0 could allow an authenticated attacker with administrator privileges to execute OS commands on an affected...

7.2 CVSS · 5.5 AI score · 0.01157 EPSS
Exploits 0 · References 1

CVE
added 2026/04/28 2:6 a.m. · 17 views

CVE-2026-1460

CVE-2026-1460 affects Zyxel DX3301-T0 and EX3301-T0 devices up to firmware 5.50(ABVY.7.1)C0. A post-authentication command-injection vulnerability exists in the DHCP configuration file’s DomainName parameter. An authenticated attacker with administrator privileges could execute OS commands on an ...

7.2 CVSS · 5.5 AI score · 0.01157 EPSS
Exploits 0 · References 1

OSV
added 2026/02/24 3:16 a.m. · 1 views

CVE-2025-13943

A post-authentication command injection vulnerability in the log file download function of the Zyxel EX3301-T0 firmware versions through 5.50ABVY.7C0 could allow an authenticated attacker to execute operating system (OS) commands on an affected device...

8.8 CVSS · 5.9 AI score · 0.01398 EPSS
Exploits 0 · References 1

CNNVD
added 2026/02/24 12:0 a.m. · 8 views

Zyxel VMG3625-T50B operating system command injection vulnerability

The Zyxel VMG3625-T50B is a WiFi device produced by Zyxel. Firmware versions 5.50ABPM.9.7C0 and earlier contain an operating system command injection vulnerability. This vulnerability stems from the CGI program used for downloading the TR-369 certificate, which allows for...

7.2 CVSS · 7.5 AI score · 0.00902 EPSS
Exploits 1 · References 1

Positive Technologies
added 2026/02/24 12:0 a.m. · 11 views

PT-2026-21645

Name of the Vulnerable Software and Affected Versions: Zyxel VMG3625-T50B firmware versions through 5.50ABPM.9.7C0 Description: A post-authentication command injection exists in the TR-369 certificate download CGI program. An authenticated attacker with administrator privileges could execute...

7.2 CVSS · 5.5 AI score · 0.00902 EPSS
Exploits 1 · References 15

OSV
added 2025/11/18 2:15 a.m. · 4 views

CVE-2025-6599

An uncontrolled resource consumption vulnerability in the web server of Zyxel DX3301-T0 firmware version 5.50ABVY.6.3C0 and earlier could allow an attacker to perform Slowloris‑style denial‑of‑service (DoS) attacks. Such attacks may temporarily block legitimate HTTP requests and partially disrupt...

7.5 CVSS · 5.8 AI score · 0.00273 EPSS
Exploits 0 · References 1

CNNVD
added 2025/11/18 12:0 a.m. · 4 views

Zyxel DX3300-T0 operating system command injection vulnerability

The Zyxel DX3300-T0 is a small wireless WiFi router from China Hopkins Zyxel. An operating system command injection vulnerability exists in Zyxel DX3300-T0 5.50 ABVY.6.3 C0 and earlier versions, which stems from the presence of post-authentication command injection in the priv parameter, which...

8.8 CVSS · 7.5 AI score · 0.00974 EPSS
Exploits 0 · References 1

Positive Technologies
added 2024/09/23 12:0 a.m. · 7 views

PT-2024-7284 · Zyxel · Zyxel Vmg8825-T50K

Name of the Vulnerable Software and Affected Versions: Zyxel VMG8825-T50K firmware versions through 5.50ABOM.8C0 Description: The issue is related to an improper restriction of operations within the bounds of a memory buffer, which could allow an authenticated attacker with administrator privileg...

6.8 CVSS · 7.3 AI score · 0.00431 EPSS
Exploits 0 · References 7

Positive Technologies
added 2024/05/21 12:0 a.m. · 8 views

PT-2024-12665 · Unknown · Vmg3625-T50B

Name of the Vulnerable Software and Affected Versions: VMG3625-T50B firmware version V5.50ABPM.8C0 Description: The issue is related to a buffer overflow vulnerability in the CGI program, which could allow an authenticated remote attacker to cause denial of service (DoS) conditions by sending a...

6.5 CVSS · 7.7 AI score · 0.00545 EPSS
Exploits 0 · References 5

Debian
added 2023/12/15 9:46 a.m. · 36 views

[SECURITY] [DLA 3689-1] bluez security update

Debian LTS Advisory DLA-3689-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb December 14, 2023 https://wiki.debian.org/LTS -...

6.3 CVSS · 6.9 AI score · 0.07879 EPSS
Exploits 8

Metasploit
added 2010/01/06 7:29 p.m. · 17 views

HP OmniInet.exe MSG_PROTOCOL Buffer Overflow

This module exploits a stack-based buffer overflow in the Hewlett-Packard OmniInet NT Service. By sending a specially crafted MSGPROTOCOL 0x010b packet, a remote attacker may be able to execute arbitrary code with elevated privileges. This service is installed with HP OpenView Data Protector, HP...

10 CVSS · 8.2 AI score · 0.74063 EPSS
Exploits 10

OpenVAS
added 2009/02/27 12:0 a.m. · 24 views

CentOS Update for unzip CESA-2008:0196-01 centos2 i386

Check for the Version of unzip OpenVAS Vulnerability Test CentOS Update for unzip CESA-2008:0196-01 centos2 i386 Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

9.3 CVSS · 0.0629 EPSS
Exploits 1 · References 2

OSV
added 2006/03/21 12:0 a.m. · 20 views

DSA-1012-1 unzip - buffer overflow

Bulletin has no description...

3.7 CVSS · 6 AI score · 0.01481 EPSS
Exploits 1

securityvulns
added 2005/11/18 12:0 a.m. · 69 views

[SA17602] VP-ASP Shopping Cart "UserName" Cross-Site Scripting Vulnerability

TITLE: VP-ASP Shopping Cart "UserName" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA17602 VERIFY ADVISORY: http://secunia.com/advisories/17602/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: VP-ASP Shopping Cart 5.x http://secunia.com/product/1832/...

0.3 AI score
Exploits 0