1455 matches found
Malicious code in playground-wizard (npm)
The package playground-wizard was found to contain malicious code...
MAL-2025-29386 Malicious code in playground-wizard (npm)
The package playground-wizard was found to contain malicious code...
The vulnerability of the formSetWAN_Wizard51() function (/goform/formSetWAN_Wizard51) in the D-Link DIR-619L router microprogramming software allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the formAdvanceSetup function /goform/formAdvanceSetup of the D-Link DIR-619L router’s microprogramming software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality...
CVE-2025-41679
An unauthenticated remote attacker could exploit a buffer overflow vulnerability in the device causing a denial of service that affects only the network initializing wizard Conftool service...
D-Link DIR-619L 安全漏洞
The D-Link DIR-619L is a wireless router from China-based AUO D-Link. A security vulnerability exists in the D-Link DIR-619L version 2.06B01, which stems from the improper handling of the parameter curTime in the file /goform/formSetWANWizard51, which may result in a stack buffer overflow...
D-Link DIR-619L 安全漏洞
The D-Link DIR-619L is a wireless router from China's AUO D-Link. The D-Link DIR-619L suffers from a stack buffer overflow vulnerability caused by incorrect boundary checking in function formSetWANTypeWizard5 in file /goform/formSetWANTypeWizard5. An attacker could exploit this vulnerability to...
CVE-2025-6371
A vulnerability, which was classified as critical, has been found in D-Link DIR-619L 2.06B01. Affected by this issue is the function formSetEnableWizard of the file /goform/formSetEnableWizard. The manipulation of the argument curTime leads to stack-based buffer overflow. The attack may be launch...
WordPress WP Wizard Cloak Plugin <= 1.0.1 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin WP Wizard Cloak versions = 1.0.1...
cn.herodotus.engine:message-spring-boot-starter (>=2.7.3.4 <=3.0.0-M2), com.airbus-cyber-security.graylog:graylog-plugin-aggregation-count (>=4.0.0 <=4.1.1) +179 more potentially affected by CVE-2025-27819 via org.apache.kafka:kafka_2.13 (>=2.4.0 <=3.3.2)
org.apache.kafka:kafka2.13 MAVEN version =2.4.0, =2.7.3.4, =4.0.0, =4.0.0, =4.0.0, =4.0.1, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.6.9, =1.0.0, =1.2.0 - com.cerner.c...
CVE-2025-5573
A vulnerability was found in D-Link DCS-932L 2.18.01. It has been rated as critical. Affected by this issue is the function setSystemWizard/setSystemControl of the file /setSystemWizard. The manipulation of the argument AdminID leads to os command injection. The attack may be launched remotely. T...
D-Link DCS-932L 安全漏洞
The D-Link DCS-932L is a network surveillance camera from China AUO D-Link. It is used for security and surveillance. The D-Link DCS-932L suffers from a command injection vulnerability that stems from the failure of the parameter AdminID in the file /setSystemWizard to correctly filter constructe...
Exploit for Cross-site Scripting in Ibm Qradar_Security_Information_And_Event_Manager
CVE-2024-28784 — Stored XSS in IBM QRadar SIEM Rule Wizard...
Debian: Security Advisory (DLA-4196-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian dla-4196 : accountwizard - security update
The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4196 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4196-1 [email protected] https://www.debian.org/lts/security/...
[SECURITY] [DLA 4196-1] kmail-account-wizard security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4196-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz May 30, 2025 https://wiki.debian.org/LTS -...
DLA-4196-1 kmail-account-wizard - security update
Bulletin has no description...
CVE-2024-5939
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'setupwizard' function in all versions up to, and including, 3.13.0. This makes it possible for unauthenticated attackers to read the...
CVE-2024-1322
The Directorist – WordPress Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'setupwizard' function in all versions up to, and including, 7.8.4. This makes it possible for...
CVE-2024-11764
The Solar Wizard Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'solarwizard' shortcode in all versions up to, and including, 1.2.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2023-39063
Buffer Overflow vulnerability in RaidenFTPD 2.4.4005 allows a local attacker to execute arbitrary code via the Server name field of the Step by step setup wizard...