Lucene search
K

1453 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:36 a.m.6 views

CVE-2010-2440

Stack-based buffer overflow in st-wizard.exe in Subtitle Translation Wizard 3.0 allows user-assisted remote attackers to execute arbitrary code via a crafted SRT file with a long line after a time range. NOTE: some of these details are obtained from third party information...

9.3CVSS8.3AI score0.05586EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:19 a.m.9 views

CVE-2019-13278

TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains multiple command injections when processing user input for the setup wizard, allowing an unauthenticated user to run arbitrary commands on the device. The vulnerability can be exercised on the local intranet or remotely if...

10CVSS7.7AI score0.08783EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/15 1:11 a.m.16 views

CVE-2025-43000

Under certain conditions Promotion Management Wizard PMW allows an attacker to access information which would otherwise be restricted.This has High impact on Confidentiality with Low impact on Integrity and Availability of the application...

7.9CVSS6.9AI score0.00142EPSS
Exploits0References1
NVD
NVD
added 2025/05/13 1:15 a.m.12 views

CVE-2025-43000

Under certain conditions Promotion Management Wizard PMW allows an attacker to access information which would otherwise be restricted.This has High impact on Confidentiality with Low impact on Integrity and Availability of the application...

7.9CVSS0.00142EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/05/13 12:17 a.m.6 views

CVE-2025-43000 Information Disclosure Vulnerability in SAP Business Objects Business Intelligence Platform (PMW)

Under certain conditions Promotion Management Wizard PMW allows an attacker to access information which would otherwise be restricted.This has High impact on Confidentiality with Low impact on Integrity and Availability of the application...

7.9CVSS7.9AI score0.00142EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/05/13 12:17 a.m.21 views

CVE-2025-43000 Information Disclosure Vulnerability in SAP Business Objects Business Intelligence Platform (PMW)

Under certain conditions Promotion Management Wizard PMW allows an attacker to access information which would otherwise be restricted.This has High impact on Confidentiality with Low impact on Integrity and Availability of the application...

7.9CVSS0.00142EPSS
Exploits0References2
CVE
CVE
added 2025/05/13 12:17 a.m.45 views

CVE-2025-43000

Summary: CVE-2025-43000 corresponds to an information-disclosure vulnerability in SAP Business Objects Business Intelligence Platform related to the Promotion Management Wizard (PMW). Based on connected records, the issue involves an access-control weakness that could allow an attacker to access ...

7.9CVSS7.9AI score0.00142EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/05/13 12:0 a.m.4 views

PT-2025-20813 · Unknown · Promotion Management Wizard

Name of the Vulnerable Software and Affected Versions: Promotion Management Wizard PMW affected versions not specified Description: The issue allows an attacker to access restricted information under certain conditions. This has a high impact on confidentiality, with a low impact on the integrity...

7.9CVSS6AI score0.00142EPSS
Exploits0References7
OSV
OSV
added 2025/05/09 2:15 a.m.4 views

CVE-2025-4452

A vulnerability was found in D-Link DIR-619L 2.04B04 and classified as critical. Affected by this issue is the function formSetWizard2. The manipulation of the argument curTime leads to buffer overflow. The attack may be launched remotely. The vendor was contacted early about this disclosure. Thi...

9.8CVSS6.4AI score0.02335EPSS
Exploits0References5
Citrix
Citrix
added 2025/05/09 12:0 a.m.16 views

Citrix Provisioning - Configuration Wizard fails after upgrade to 2503

PVS Configuration Wizard fails with errors after PVS upgrade to version 2503. ConfigWizard.log located in C:\ProgramData\Citrix\Provisioning Services\Log on the PVS Server shows: ERROR:SqlException caught, Number = 207, Message = Invalid column name 'isXsProxyConfigRequired'. Updating server...

7.7AI score
Exploits0
CNNVD
CNNVD
added 2025/05/09 12:0 a.m.2 views

D-Link DIR-619L 安全漏洞

The D-Link DIR-619L is a cost-effective wireless router designed for home office Internet needs. The D-Link DIR-619L suffers from a buffer overflow vulnerability that stems from the improper handling of the wanconnected parameter in the formEasySetupWizard3 function, which can be exploited by an...

9.8CVSS7.7AI score0.02335EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/05/09 12:0 a.m.1 views

D-Link DIR-619L 安全漏洞

The D-Link DIR-619L is a cost-effective wireless router designed for home office Internet needs. The D-Link DIR-619L suffers from a buffer overflow vulnerability that stems from the formSetEasyWizard function mishandling the curTime parameter, which can be exploited by an attacker to submit a...

9.8CVSS7.4AI score0.02335EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/05/08 12:0 a.m.3 views

PT-2025-20450 · D Link · D-Link Dir-619L

Name of the Vulnerable Software and Affected Versions: D-Link DIR-619L version 2.04B04 Description: A critical issue was found in the function formSetEasy Wizard, where the manipulation of the argument curTime leads to a buffer overflow. This issue can be exploited remotely. The vendor was notifi...

9.8CVSS8.6AI score0.02335EPSS
Exploits0References16
vulnersOsv
vulnersOsv
added 2025/05/07 3:27 p.m.4 views

com.airbus-cyber-security.graylog:graylog-plugin-aggregation-count (>=1.1.0 <=4.1.1), com.airbus-cyber-security.graylog:graylog-plugin-alert-wizard (>=1.0.0 <=5.2.1) +12 more potentially affected by CVE-2025-46827 via org.graylog2:graylog2-server (>=1.0.0-beta.3 <=6.0.13)

org.graylog2:graylog2-server MAVEN version =1.0.0-beta.3, =1.1.0, =1.0.0, =1.1.0, =1.0.0, =1.0.0, =1.0.0, =1.0.1, =2.2.0, =1.1.0, =2.2.0, =2.2.0, =1.0.3, =1.0.0, =1.2.0, =1.3.4 Source cves: CVE-2025-46827 Source advisory: OSV:GHSA-76VF-MPMX-777J...

8CVSS5.4AI score0.00229EPSS
Exploits0
CNNVD
CNNVD
added 2025/05/06 12:0 a.m.4 views

D-Link DIR-600L 安全漏洞

The D-Link DIR-600L is a wireless router from China-based AUO D-Link. The D-Link DIR-600L suffers from a buffer overflow vulnerability that originates from the parameter host of the function formEasySetupWizard that fails to correctly validate the length and size of the input data, which can be...

9.8CVSS8.1AI score0.00973EPSS
Exploits0References6
Packet Storm News
Packet Storm News
added 2025/05/02 12:0 a.m.3 views

Adaptive Wizard for Removing Cross-Tier Misconfigurations in Active Directory

Security vulnerabilities in Windows Active Directory AD systems are typically modeled using an attack graph and hardening AD systems involves an iterative workflow: security teams propose an edge to remove, and IT operations teams manually review these fixes before implementing the removal. As...

7.3AI score
Exploits0
OSV
OSV
added 2025/04/14 2:15 a.m.3 views

CVE-2025-3546

A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. It has been declared as critical. Affected by this vulnerability is the function FCGICheckStringIfContainsSemicolon of the file /api/wizard/getLanguage of the component HTTP POS...

8.6CVSS5.5AI score0.01912EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/04/14 12:0 a.m.2 views

H3C多款产品 注入漏洞

H3C Magic NX30 Pro and others are products of China's Xinhua San H3C.H3C Magic NX30 Pro is a home router that supports WiFi6 3000M rate.H3C Magic NX15 is a router.H3C Magic NX400 is a router. An injection vulnerability exists in several H3C products that originates from command injection in the...

8.6CVSS8.1AI score0.01299EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/04/13 12:0 a.m.3 views

H3C多款产品 注入漏洞

H3C Magic NX30 Pro and others are products of China's Xinhua San H3C.H3C Magic NX30 Pro is a home router that supports WiFi6 3000M rate.H3C Magic NX15 is a router.H3C Magic NX400 is a router. An injection vulnerability exists in several H3C products. The vulnerability stems from a command injecti...

8.6CVSS8.2AI score0.01299EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/04/13 12:0 a.m.5 views

PT-2025-16191 · H3C · H3C Magic Nx15 +3

Name of the Vulnerable Software and Affected Versions: H3C Magic NX15, Magic NX30 Pro, Magic NX400, and Magic R3010 versions up to V100R014 Description: A critical issue has been found in the affected devices, specifically in the function FCGI WizardProtoProcess of the /api/wizard/getSpecs endpoi...

8.6CVSS8AI score0.01274EPSS
Exploits0References15
Rows per page
Query Builder