TP-Link Archer C5v Information Disclosure Vulnerability

The TP-Link Archer C5v is an AC1200 wireless dual-band Gigabit VoIP router. An information disclosure vulnerability exists in TP-Link Archer C5v 1.7181221. A remote attacker can exploit this vulnerability by sending a USERCFG0,0,0,0,0,0,0,00,0,0,0,00,0 request to the /cgi?1&5 URI to retrieve...

Advantech WebAccess/SCADA Local Elevation of Privilege Vulnerability (CNVD-2021-11305)

Advantech WebAccess/SCADA is a suite of SCADA software from Advantech based on a browser architecture. The software supports dynamic graphical displays and real-time data control, and provides the ability to remotely control and manage automation equipment. A local elevation of privilege...

RACOM M!DGE Cross-Site Scripting Vulnerability

The RACOM M!DGE is a cellular router designed for SCADA and telemetry mission-critical applications and is ideally suited for many different wireless applications. A cross-site scripting vulnerability exists in the RACOM M!DGE firmware version 4.4.40.105. An attacker can exploit this vulnerabilit...

Adobe Magento Insecure Direct Object Reference Vulnerability

Adobe Magento is Adobe's one with PHP written in open source e-commerce platform.Magento Community Edition is the community edition, later renamed Magento Open Source, Magento Enterprise Edition is the enterprise edition, later renamed Magento Magento Enterprise Edition is the enterprise edition,...

Denial of Service Vulnerability in IG902H Edge Computing Gateway of Beijing Yinghantong Network Technology Co.

Beijing Yinghantong Network Technology Co., Ltd. is an Internet of Things IoT technology company, providing safe and reliable industrial routers, industrial switches, industrial IoT gateways, industrial wireless communication modules, and other products and IoT solutions and so on. A...

IBM API Connect Input Validation Error Vulnerability (CNVD-2021-09491)

IBM API Connect APIConnect is a suite of integrated solutions for managing the API lifecycle from IBM USA. The product supports creating, running, managing, and securing APIs, microservices, and more. An input validation error vulnerability exists in IBM API Connect, which can be exploited by an...

Google Android Denial of Service Vulnerability (CNVD-2021-19752)

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. A denial of service vulnerability exists in the Framework component of Google Android 10 and 11. An attacker can exploit this vulnerability to cause a denial of...

xiycms backend has arbitrary file read vulnerability

xiycms is an open source and free enterprise content management system. xiycms backend has an arbitrary file read vulnerability. An attacker can exploit the vulnerability to read the database configuration file...

Hangzhou Zhicong Network Technology Co., Ltd's Rice Cake Mom APP Has Denial of Service Vulnerability

Rice Cake Mom APP is a professional mother and baby service application. Hangzhou Zhicong Network Technology Co., Ltd. rice cake mom APP has a denial of service vulnerability, attackers can send malformed packets to exploit the vulnerability to cause the APP stop running...

Exploit for CVE-2020-23160

Pyrescom-Termod-PoC This is the Proof-of-concept exploit code...

Oracle Scripting Information Disclosure Vulnerability

Oracle E-Business Suite E-Business Suite is a fully integrated set of global business management software from Oracle Oracle. The software provides customer relationship management, service management, financial management and other functions. Scripting is one of the script management console...

Denial of Service Vulnerability in ZXHN F460 at ZTE CORPORATION

ZXHN F460 is ZTE's EPON mode optical cat. A denial of service vulnerability exists in the ZXHN F460 of ZTE Corporation, which can be exploited by attackers to cause a denial of service attack...

Denial of Service Vulnerability in TP-Link TL-XDR5430

The TL-XDR5430 is a router from TP-Link. The TP-Link TL-XDR5430 has a denial of service vulnerability that can be exploited by an attacker to cause a denial of service attack...

Cisco SD-WAN vManage Information Disclosure Vulnerability

Cisco SD-WAN Solution is a suite of network extension solutions from Cisco, of which vManage is the console. An information disclosure vulnerability exists in the CLI of Cisco SD-WAN vManage versions prior to 19.2.3, which can be exploited by an attacker to read database files from the underlying...

Cisco Smart Software Manager Satellite SQL Injection Vulnerability

Cisco Smart Software Manager Satellite is a Cisco component for Cisco product license management. A SQL injection vulnerability exists in the Web management interface of Cisco Smart Software Manager Satellite 5.1.0 and earlier versions. The vulnerability stems from the web management interface no...

TP-Link TL-R473GP-AC in Denial of Service Vulnerability (CNVD-2021-08391)

TL-R473GP-AC is TP-LINK's PoE-AC all-in-one VPN router product developed specifically for environments such as small and micro businesses, offices and villas. TP-Link TL-R473GP-AC is vulnerable to a denial of service vulnerability. An attacker can exploit the vulnerability to cause a denial of...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Gitlab

This repository is an offensive tool for a vulnerability hub. It contains various tools and exploits for testing and demonstrating vulnerabilities in different software and systems. The repository includes a range of tools, such as Docker image builders, format checkers, and Markdown linters, as...

Google Android suffers from a denial of service vulnerability (CNVD-2021-10300)

Google Android generally refers to Android. android is a free and open source operating system based on the Linux kernel without GNU components. Google Android has a denial of service vulnerability that can be exploited by an attacker to cause a denial of service...

Extreme Office 2019 suffers from a denial of service vulnerability (CNVD-2021-05116)

Extreme Office is an independently controlled office learning software developed by Beijing Haiteng Times Technology Co. Extreme Office 2019 suffers from a denial of service vulnerability. An attacker can exploit the vulnerability to cause the program to crash...

Cisco Finesse Cross-Site Scripting Vulnerability (CNVD-2021-41165)

Cisco Finesse is a set of call center management software from the U.S. company Cisco Cisco. A cross-site scripting vulnerability exists in the Web management interface of Cisco Finesse versions prior to 12.0 ES05, 12.5 ES05, which can be exploited by a remote authenticated attacker to execute...