31 matches found
PT-2024-1663 · Tp Link · Tp-Link Er7206 Omada Gigabit Vpn Router
Name of the Vulnerable Software and Affected Versions: Tp-Link ER7206 Omada Gigabit VPN Router version 1.3.0 build 20230322 Rel.70591 Description: A post authentication command injection issue exists in the GRE policy functionality. This can be exploited by sending a specially crafted HTTP reques...
AZL-31611 CVE-2023-45802 affecting package httpd for versions less than 2.4.58-1
When a HTTP/2 stream was reset RST frame by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing...
CVE-2022-48433
In JetBrains IntelliJ IDEA before 2023.1 the NTLM hash could leak through an API method used in the IntelliJ IDEA built-in web server...
Siemens SICAM A8000 CP-8000 资源管理错误漏洞
The SICAM A8000 RTU Remote Terminal Unit series is a modular device family for remote control and automation applications in all areas of energy supply.A security vulnerability exists in the Siemens SICAM A8000 CPC80, which stems from the fact that when using an HTTPS server under certain...
CVE-2017-14435
An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in denial of service. An attacker can send a GET request to "/MOXA\CFG.ini" without a cookie heade...
Mailman private.py true_path Function Traversal Arbitrary File Access
According to its version number, the remote installation of Mailman reportedly is affected by a directory traversal vulnerability in 'Cgi/private.py'. The flaw comes into play only on web servers that don't strip extraneous slashes from URLs, such as Apache 1.3.x, and allows a list subscriber,...
BreakCalendar < 1.3 XSS
The remote host seems to be running BreakCalendar, a web-based calendar. The remote version of this software is vulnerable to a cross-site scripting attack that may allow an attacker to use the remote host to perform attacks against third-party users. %NASLMINLEVEL 70300 C Tenable Network Securit...
[NT] FreeProxy/FreeWeb Multiple Vulnerabilities
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
osCommerce 2.2 - 'product_info.php' Denial of Service
source: https://www.securityfocus.com/bid/7351/info It has been reported that an attacker may trigger a denial of service condition in osCommerce application. If malicious URI parameters are passed to several of the osCommerce PHP pages, the mySQL and web server hosting osCommerce reportedly...
S21SEC-003: Vulnerabilities in CommuniGate Pro v3.2.4
ID: S21SEC-003-en Title: Vulnerabilities in Stalker's CommuniGate Pro v3.2.4 Date: 03/04/2000 Status: Vendor contacted Scope: Remote command execution as superuser Platforms: Linux, probably others Author: llmora, fjserna Location: http://www.s21sec.com/en/avisos/s21sec-003-en.txt Release: Public...
Compaq Client Management Agents 3.704.0 Insight Management Agents 4.21 A4.22 A4.30 A Intelligent Cluster Administrator 1.0 Management Agents for Workstations 4.20 A Server Management Agents 4.23 Survey Utility 2.0 - Web File Access
Compaq Client Management Agents 3.704.0 Insight Management Agents 4.21 A4.22 A4.30 A Intelligent Cluster Administrator 1.0 Management Agents for Workstations 4.20 A Server Management Agents 4.23 Survey Utility 2.0 - Web File Access source: https://www.securityfocus.com/bid/282/info A vulnerabilit...