EUVD-2020-8935

Malware in sbrugna...

EUVD-2020-8816

Malware in sbrugna...

EUVD-2019-9887

Malware in sbrugna...

EUVD-2020-11988

Malware in sbrugna...

EUVD-2022-52908

Malicious code in bioql PyPI...

The vulnerability of the jingx_asp() function in D-Link DI-8100 router microprogramming software allows a hacker to induce a service failure.

The vulnerability of the jingxasp function in D-Link DI-8100 router microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service failure by sending a specially crafted HTTP request...

Google Chrome Integer Overflow Vulnerability

Google Chrome is a popular web browser. Google Chrome suffers from an integer overflow vulnerability that stems from improper handling of integer values, which can be exploited by an attacker to submit a special WEB request that can be tricked into being parsed by the user, crashing the applicati...

CVE-2022-29646

An access control issue in TOTOLINK A3100R V4.1.2cu.5050B20200504 and V4.1.2cu.5247B20211129 allows attackers to obtain sensitive information via a crafted web request...

Google Chrome Input Validation Error Vulnerability

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from an input validation error vulnerability, which stems from an improper implementation in Intents, that can be exploited by an attacker to submit a special Web request that can be elevated in privilege by...

caldera -- Remote Code Execution

MITRE Caldera contributor report: In MITRE Caldera through 4.2.0 and 5.0.0 before 35bc06e, a Remote Code Execution RCE vulnerability was found in the dynamic agent implant compilation functionality of the server. This allows remote attackers to execute arbitrary code on the server that Caldera is...

CVE-2024-46450

Incorrect access control in Tenda AC1200 Smart Dual-Band WiFi Router Model AC6 v2.0 Firmware v15.03.06.50 allows attackers to bypass authentication via a crafted web request...

The vulnerability of the imagename handler in the CGI script /ems/cgi-bin/ezrf-lighttpd.cgi of the graphical interface for managing WLAN access points and LAN switches in Fortinet FortiWLM allows a attacker to execute arbitrary code.

The vulnerability of the imagename handler in the CGI script /ems/cgi-bin/ezrf-lighttpd.cgi of the graphical interface for managing WLAN access points and LAN switches in Fortinet FortiWLM is related to an incorrect limitation on the path name to the restricted directory. Exploiting this...

The vulnerability of the Fusion File Manager component in the PHP-Fusion CMS system allows a hacker to gain access to read and modify files.

The vulnerability of the Fusion File Manager CMS system’s PHP-Fusion component is related to an incorrect limitation on the path name of the restricted directory. Exploiting this vulnerability allows a malicious actor to gain access to and modify files through a specially created HTTP request...

Oracle Database Server Express Quick Poll component privilege acquisition vulnerability

Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing and other functions. A privilege-acquisition vulnerability exists in Oracle Database Server Express Quick Po...

Cisco Firepower Management Center Input Validation Error Vulnerability (CNVD-2020-27105)

Cisco Firepower Management Center FMC is a new generation of firewall management center software from Cisco. An input validation error vulnerability exists in Cisco Firepower Management Center. An attacker could exploit this vulnerability by sending a specially crafted HTTP request to an affected...

XenForo Remote Code Execution Vulnerability

XenForo is a community forum software with a fresh interface and a powerful engine. A remote code execution vulnerability exists in XenForo versions between 1.5.x and 1.5.11a, which can be exploited by an attacker to execute arbitrary code by constructing a specific HTTP request...

SnapStream Personal Video Station 1.2 a - PVS Directory Traversal

SnapStream Personal Video Station 1.2 a - PVS Directory Traversal source: https://www.securityfocus.com/bid/3100/info Snapstream Personal Video Station is an application for Microsoft Windows which allows users to record video output on their PC and view it at a later time, locally or via an HTTP...

SnapStream Personal Video Station 1.2 a - PVS Directory Traversal

source: https://www.securityfocus.com/bid/3100/info Snapstream Personal Video Station is an application for Microsoft Windows which allows users to record video output on their PC and view it at a later time, locally or via an HTTP interface. The Snapstream PVS web interface runs on port 8129...