EUVD-2024-51344

Malicious code in bioql PyPI...

EUVD-2021-29620

Malicious code in bioql PyPI...

i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path

...

The vulnerability in the form2AddVrtsrv.cgi script of the Virtual Service Handler component of the D-Link DIR-816 A2 router microprogramming system, which allows a attacker to compromise the integrity of protected information.

The vulnerability of the form2AddVrtsrv.cgi script of the Virtual Service Handler component in the D-Link DIR-816 A2 router microprogramming system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to compromise the integrity of the protected...

CVE-2024-13103

A vulnerability, which was classified as critical, has been found in D-Link DIR-816 A2 1.10CNB05R1B011D88210. This issue affects some unknown processing of the file /goform/form2AddVrtsrv.cgi of the component Virtual Service Handler. The manipulation leads to improper access controls. The attack...

CVE-2024-13103 D-Link DIR-816 A2 Virtual Service form2AddVrtsrv.cgi access control

A vulnerability, which was classified as critical, has been found in D-Link DIR-816 A2 1.10CNB05R1B011D88210. This issue affects some unknown processing of the file /goform/form2AddVrtsrv.cgi of the component Virtual Service Handler. The manipulation leads to improper access controls. The attack...

PT-2024-6998 · D Link · D-Link Dir-619L

Name of the Vulnerable Software and Affected Versions: D-Link DIR-619L version 2.06 Description: A critical issue is present in the formVirtualServ function of the /goform/formVirtualServ file, which can be exploited remotely. The manipulation of the curTime argument leads to a buffer overflow...

Cisco NX-OS and IOS XE Software Virtual Service Image Signature Bypass (CVE-2019-12662)

A vulnerability in Cisco NX-OS Software and Cisco IOS XE Software could allow an authenticated, local attacker with valid administrator or privilege level 15 credentials to load a virtual service image and bypass signature verification on an affected device. The vulnerability is due to improper...

CVE-2021-42659

There is a buffer overflow vulnerability in the Web server httpd of the router in Tenda router devices such as Tenda AC9 V1.0 V15.03.02.196318 and Tenda AC9 V3.0 V15.03.06.42multi. When setting the virtual service, the httpd program will crash and exit when the super-long list parameter occurs...

CVE-2021-42659

There is a buffer overflow vulnerability in the Web server httpd of the router in Tenda router devices such as Tenda AC9 V1.0 V15.03.02.196318 and Tenda AC9 V3.0 V15.03.06.42multi. When setting the virtual service, the httpd program will crash and exit when the super-long list parameter occurs...

Buffer overflow

There is a buffer overflow vulnerability in the Web server httpd of the router in Tenda router devices such as Tenda AC9 V1.0 V15.03.02.196318 and Tenda AC9 V3.0 V15.03.06.42multi. When setting the virtual service, the httpd program will crash and exit when the super-long list parameter occurs...

Tenda AC9 缓冲区错误漏洞

Tenda AC9 is a wireless router from Tenda China. A security vulnerability exists in Tenda AC9 V1.0 V15.03.02.196318 and AC9 V3.0 V15.03.06.42multi versions, which originates from a buffer overflow issue in the web server httpd. When setting up a virtual service, the httpd program will crash and...

CVE-2022-29499

The Service Appliance component in Mitel MiVoice Connect through 19.2 SP3 allows remote code execution because of incorrect data validation. The Service Appliances are SA 100, SA 400, and Virtual SA...

D-Link DIR-809 缓冲区错误漏洞

The D-Link DIR-809 is a dual-band router from China's AUO D-Link. A buffer overflow vulnerability exists in the D-Link DIR-809, which stems from the FUN8004776c function in the product/formVirtualServ link failing to effectively determine data boundaries. An attacker could cause a denial of servi...

istio/envoy: mishandling regular expressions for long URIs leading to DoS

A flaw was found in Istio in versions prior to 1.1.13 and 1.2.4. Regular expressions for long URIs are mishandled leading to a denial of service during the use of JWT, VirtualService, HTTPAPISpecBinding, or QuotaSpecBinding API. The highest threat from this vulnerability is to system availability...

CVE-2019-12662 Cisco NX-OS and IOS XE Software Virtual Service Image Signature Bypass Vulnerability

A vulnerability in Cisco NX-OS Software and Cisco IOS XE Software could allow an authenticated, local attacker with valid administrator or privilege level 15 credentials to load a virtual service image and bypass signature verification on an affected device. The vulnerability is due to improper...

Cisco NX-OS and IOS XE Software Virtual Service Image Signature Bypass Vulnerability

A vulnerability in Cisco NX-OS Software and Cisco IOS XE Software could allow an authenticated, local attacker with valid administrator or privilege level 15 credentials to load a virtual service image and bypass signature verification on an affected device. The vulnerability is due to improper...

Scientific Linux Security Update : conga on SL5.x i386/x86_64

A flaw was found in ricci during a code audit. A remote attacker who is able to connect to ricci could cause ricci to temporarily refuse additional connections, a denial of service CVE-2007-4136. Fixes in this updated package include : - The nodename is now set for manual fencing. - The node log ...