Lucene search
K

1455 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in playground-wizard (npm)

The package playground-wizard was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-29386 Malicious code in playground-wizard (npm)

The package playground-wizard was found to contain malicious code...

7.2AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/08/04 12:0 a.m.8 views

The vulnerability of the formSetWAN_Wizard51() function (/goform/formSetWAN_Wizard51) in the D-Link DIR-619L router microprogramming software allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the formAdvanceSetup function /goform/formAdvanceSetup of the D-Link DIR-619L router’s microprogramming software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality...

9CVSS7.6AI score0.00811EPSS
Exploits1References7Affected Software1
OSV
OSV
added 2025/07/21 10:15 a.m.5 views

CVE-2025-41679

An unauthenticated remote attacker could exploit a buffer overflow vulnerability in the device causing a denial of service that affects only the network initializing wizard Conftool service...

7.5CVSS6.1AI score0.00633EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/06/25 12:0 a.m.6 views

D-Link DIR-619L 安全漏洞

The D-Link DIR-619L is a wireless router from China-based AUO D-Link. A security vulnerability exists in the D-Link DIR-619L version 2.06B01, which stems from the improper handling of the parameter curTime in the file /goform/formSetWANWizard51, which may result in a stack buffer overflow...

9CVSS8.9AI score0.00848EPSS
Exploits1References7
CNNVD
CNNVD
added 2025/06/25 12:0 a.m.4 views

D-Link DIR-619L 安全漏洞

The D-Link DIR-619L is a wireless router from China's AUO D-Link. The D-Link DIR-619L suffers from a stack buffer overflow vulnerability caused by incorrect boundary checking in function formSetWANTypeWizard5 in file /goform/formSetWANTypeWizard5. An attacker could exploit this vulnerability to...

9CVSS8.1AI score0.00848EPSS
Exploits1References7
OSV
OSV
added 2025/06/20 11:15 p.m.5 views

CVE-2025-6371

A vulnerability, which was classified as critical, has been found in D-Link DIR-619L 2.06B01. Affected by this issue is the function formSetEnableWizard of the file /goform/formSetEnableWizard. The manipulation of the argument curTime leads to stack-based buffer overflow. The attack may be launch...

8.7CVSS6.4AI score0.0082EPSS
Exploits1References5
Patchstack
Patchstack
added 2025/06/13 2:38 p.m.4 views

WordPress WP Wizard Cloak Plugin <= 1.0.1 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin WP Wizard Cloak versions = 1.0.1...

7.1CVSS6.2AI score0.00237EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2025/06/10 9:30 a.m.6 views

cn.herodotus.engine:message-spring-boot-starter (>=2.7.3.4 <=3.0.0-M2), com.airbus-cyber-security.graylog:graylog-plugin-aggregation-count (>=4.0.0 <=4.1.1) +179 more potentially affected by CVE-2025-27819 via org.apache.kafka:kafka_2.13 (>=2.4.0 <=3.3.2)

org.apache.kafka:kafka2.13 MAVEN version =2.4.0, =2.7.3.4, =4.0.0, =4.0.0, =4.0.0, =4.0.1, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.6.9, =1.0.0, =1.2.0 - com.cerner.c...

7.5CVSS6.4AI score0.00871EPSS
Exploits0
OSV
OSV
added 2025/06/04 6:15 a.m.7 views

CVE-2025-5573

A vulnerability was found in D-Link DCS-932L 2.18.01. It has been rated as critical. Affected by this issue is the function setSystemWizard/setSystemControl of the file /setSystemWizard. The manipulation of the argument AdminID leads to os command injection. The attack may be launched remotely. T...

9.8CVSS5.6AI score0.09972EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/06/04 12:0 a.m.2 views

D-Link DCS-932L 安全漏洞

The D-Link DCS-932L is a network surveillance camera from China AUO D-Link. It is used for security and surveillance. The D-Link DCS-932L suffers from a command injection vulnerability that stems from the failure of the parameter AdminID in the file /setSystemWizard to correctly filter constructe...

9.8CVSS7.5AI score0.09972EPSS
Exploits1References5
GithubExploit
GithubExploit
added 2025/06/02 11:6 p.m.110 views

Exploit for Cross-site Scripting in Ibm Qradar_Security_Information_And_Event_Manager

CVE-2024-28784 — Stored XSS in IBM QRadar SIEM Rule Wizard...

5.4CVSS5.3AI score0.0034EPSS
Exploits1
OpenVAS
OpenVAS
added 2025/06/02 12:0 a.m.4 views

Debian: Security Advisory (DLA-4196-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS7.1AI score0.0025EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/05/31 12:0 a.m.5 views

Debian dla-4196 : accountwizard - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4196 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4196-1 [email protected] https://www.debian.org/lts/security/...

5.9CVSS5.9AI score0.0025EPSS
Exploits0References4
Debian
Debian
added 2025/05/30 11:7 p.m.7 views

[SECURITY] [DLA 4196-1] kmail-account-wizard security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4196-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz May 30, 2025 https://wiki.debian.org/LTS -...

5.9CVSS6.5AI score0.0025EPSS
Exploits0
OSV
OSV
added 2025/05/30 12:0 a.m.4 views

DLA-4196-1 kmail-account-wizard - security update

Bulletin has no description...

5.9CVSS7.2AI score0.0025EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 8:27 a.m.9 views

CVE-2024-5939

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'setupwizard' function in all versions up to, and including, 3.13.0. This makes it possible for unauthenticated attackers to read the...

5.3CVSS6.7AI score0.00481EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:21 a.m.5 views

CVE-2024-1322

The Directorist – WordPress Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'setupwizard' function in all versions up to, and including, 7.8.4. This makes it possible for...

5.3CVSS5.3AI score0.00524EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:2 a.m.6 views

CVE-2024-11764

The Solar Wizard Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'solarwizard' shortcode in all versions up to, and including, 1.2.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.9AI score0.0026EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:10 a.m.10 views

CVE-2023-39063

Buffer Overflow vulnerability in RaidenFTPD 2.4.4005 allows a local attacker to execute arbitrary code via the Server name field of the Step by step setup wizard...

7.8CVSS7.6AI score0.00433EPSS
Exploits2
Rows per page
Query Builder