d-w-c.nl Improper Access Control vulnerability OBB-3863498
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
7AI Score
D-Link DAP-1533 Devices RCE Vulnerability (Sep 2019)
D-Link DAP-1533 devices are prone to a remote command execution (RCE)...
9.6AI Score
0.963EPSS
In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Use access_width over bit_width for system memory accesses To align with ACPI 6.3+, since bit_width can be any 8-bit value, it cannot be depended on to be always on a clean 8b boundary. This was uncovered on the Cobalt....
7.6AI Score
0.0004EPSS
e-d-s.fr Cross Site Scripting vulnerability OBB-3868953
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
D-Link DHP-1565 Devices RCE Vulnerability (Sep 2019)
D-Link DHP-1565 devices are prone to a remote command execution (RCE)...
9.6AI Score
0.963EPSS
In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Use access_width over bit_width for system memory accesses To align with ACPI 6.3+, since bit_width can be any 8-bit value, it cannot be depended on to be always on a clean 8b boundary. This was uncovered on the...
7.3AI Score
0.0004EPSS
D-Link DIR-3040 1.13B03 - Information Disclosure
D-Link DIR-3040 1.13B03 is susceptible to information disclosure in the Syslog functionality. A specially crafted HTTP network request can lead to the disclosure of sensitive information. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute...
4.6AI Score
0.003EPSS
In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Use access_width over bit_width for system memory accesses To align with ACPI 6.3+, since bit_width can be any 8-bit value, it cannot be depended on to be always on a clean 8b boundary. This was uncovered on the Cobalt....
6.8AI Score
0.0004EPSS
CVE-2023-44410 D-Link D-View showUsers Improper Authorization Privilege Escalation Vulnerability
D-Link D-View showUsers Improper Authorization Privilege Escalation Vulnerability. This vulnerability allows remote attackers to escalate privileges on affected installations of D-Link D-View. Authentication is required to exploit this vulnerability. The specific flaw exists within the showUsers...
6.9AI Score
0.001EPSS
D-Link D-View TftpSendFileThread Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability. The specific flaw exists....
6AI Score
0.001EPSS
Mirth Connect deserialization vulnerability
Added: 05/23/2024 Background Mirth Connect is an application which translates message standards for healthcare systems. Problem A deserialization vulnerability in Mirth Connect allows remote attackers to execute arbitrary commands by sending a specially crafted API request. Resolution Upgrade...
8AI Score
0.946EPSS
direct-d-sign.com Improper Access Control vulnerability OBB-3855516
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
7AI Score
CVE-2023-32168 D-Link D-View showUser Improper Authorization Privilege Escalation Vulnerability
D-Link D-View showUser Improper Authorization Privilege Escalation Vulnerability. This vulnerability allows remote attackers to escalate privileges on affected installations of D-Link D-View. Authentication is required to exploit this vulnerability. The specific flaw exists within the showUser...
6.9AI Score
0.0005EPSS
8.6AI Score
Telegram Web 15.3.1 allows XSS via a certain payload derived from a Target Corporation website. NOTE: some third parties have been unable to discern any relationship between the Pastebin information and a possible XSS...
6.1CVSS
5.9AI Score
0.001EPSS
D-Link D-View showUser Improper Authorization Privilege Escalation Vulnerability. This vulnerability allows remote attackers to escalate privileges on affected installations of D-Link D-View. Authentication is required to exploit this vulnerability. The specific flaw exists within the showUser...
8.8CVSS
7.1AI Score
0.0005EPSS
D-Link D-View TftpReceiveFileHandler Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability. The specific flaw exists...
9.8CVSS
8.2AI Score
0.001EPSS
CVE-2023-32166 D-Link D-View uploadFile Directory Traversal Arbitrary File Creation Vulnerability
D-Link D-View uploadFile Directory Traversal Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of D-Link D-View. Authentication is required to exploit this vulnerability. The specific flaw exists within the...
6.7AI Score
0.001EPSS
D-Link D-View TftpReceiveFileHandler Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability. The specific flaw exists...
7.5AI Score
0.001EPSS
D-Link D-View shutdown_coreserver Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability. The specific flaw...
6.8AI Score
0.001EPSS
D-Link D-View uploadFile Directory Traversal Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of D-Link D-View. Authentication is required to exploit this vulnerability. The specific flaw exists within the...
8.1CVSS
7AI Score
0.001EPSS
D-Link D-View TftpSendFileThread Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability. The specific flaw exists....
7.5CVSS
6.3AI Score
0.001EPSS
D-Link D-View coreservice_action_script Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability. The specific flaw...
9.8CVSS
8.3AI Score
0.001EPSS
D-Link D-View showUsers Improper Authorization Privilege Escalation Vulnerability. This vulnerability allows remote attackers to escalate privileges on affected installations of D-Link D-View. Authentication is required to exploit this vulnerability. The specific flaw exists within the showUsers...
8.8CVSS
7.1AI Score
0.001EPSS
D-Link D-View addDv7Probe XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability. The specific flaw...
6.2AI Score
0.001EPSS
Exploit for Improper Input Validation in Microsoft
Pachine Python implementation for CVE-2021-42278 (Active...
8.6AI Score
CVE-2023-52559 iommu/vt-d: Avoid memory allocation in iommu_suspend()
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Avoid memory allocation in iommu_suspend() The iommu_suspend() syscore suspend callback is invoked with IRQ disabled. Allocating memory with the GFP_KERNEL flag may re-enable IRQs during the suspend callback, which can....
6.6AI Score
0.0004EPSS
CVE-2021-47177 iommu/vt-d: Fix sysfs leak in alloc_iommu()
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix sysfs leak in alloc_iommu() iommu_device_sysfs_add() is called before, so is has to be cleaned on subsequent...
6.2AI Score
0.0004EPSS
D-Link D-View coreservice_action_script Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability. The specific flaw...
7.9AI Score
0.001EPSS
A vulnerability has been found in AlliedModders AMX Mod X on Windows and classified as critical. This vulnerability affects the function cmdVoteMap of the file plugins/adminvote.sma of the component Console Command Handler. The manipulation of the argument amx_votemap leads to path traversal. The.....
9.8CVSS
7.6AI Score
0.002EPSS
D-Link D-View Use of Hard-coded Cryptographic Key Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
9.8CVSS
7.3AI Score
0.0005EPSS
D-Link D-View uploadMib Directory Traversal Arbitrary File Creation or Deletion Vulnerability. This vulnerability allows remote attackers to create and delete arbitrary files on affected installations of D-Link D-View. Authentication is required to exploit this vulnerability. The specific flaw...
6.5CVSS
7AI Score
0.001EPSS
D-Link D-View addDv7Probe XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability. The specific flaw...
8.2CVSS
6.4AI Score
0.001EPSS
D-Link D-View InstallApplication Use of Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability. The specific flaw exists....
9.8CVSS
7.5AI Score
0.001EPSS
D-Link D-View shutdown_coreserver Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability. The specific flaw...
5.9CVSS
7.1AI Score
0.001EPSS
d-o-o.de Cross Site Scripting vulnerability OBB-3885530
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
CVE-2023-32169 D-Link D-View Use of Hard-coded Cryptographic Key Authentication Bypass Vulnerability
D-Link D-View Use of Hard-coded Cryptographic Key Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
7AI Score
0.0005EPSS
D-Link D-View uploadMib Directory Traversal Arbitrary File Creation or Deletion Vulnerability. This vulnerability allows remote attackers to create and delete arbitrary files on affected installations of D-Link D-View. Authentication is required to exploit this vulnerability. The specific flaw...
6.7AI Score
0.001EPSS
D-Link D-View InstallApplication Use of Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability. The specific flaw exists....
7.2AI Score
0.001EPSS
CVE-2024-35957 iommu/vt-d: Fix WARN_ON in iommu probe path
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix WARN_ON in iommu probe path Commit 1a75cc710b95 ("iommu/vt-d: Use rbtree to track iommu probed devices") adds all devices probed by the iommu driver in a rbtree indexed by the source ID of each device. It assumes...
7.2AI Score
0.0004EPSS
CVE-2024-27079 iommu/vt-d: Fix NULL domain on device release
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix NULL domain on device release In the kdump kernel, the IOMMU operates in deferred_attach mode. In this mode, info->domain may not yet be assigned by the time the release_device function is called. It leads to the...
6.4AI Score
0.0004EPSS
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. This issue affects some unknown processing of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The...
A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DIR-615S, DIR-615T, DIR-620, DIR-620S, DIR-806A, DIR-815, DIR-815AC, DIR-815S, DIR-816, DIR-820, DIR-822, DIR-825, DIR-825AC, DIR-825ACF, DIR-825ACG1, DIR-841, DIR-842, DIR-842S, DIR-843, DIR-853,...
5.3CVSS
7.3AI Score
0.001EPSS
CVE-2024-4960 D-Link DAR-7000-40 licenseauthorization.php unrestricted upload
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical has been found in D-Link DAR-7000-40 V31R02B1413C. Affected is an unknown function of the file interface/sysmanage/licenseauthorization.php. The manipulation of the argument file_upload leads to unrestricted upload. It is...
6.6AI Score
0.0004EPSS
CVE-2024-4963 D-Link DAR-7000-40 url.php unrestricted upload
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DAR-7000-40 V31R02B1413C. This affects an unknown part of the file /url/url.php. The manipulation of the argument file_upload leads to unrestricted upload. It is possible to initiate the attack...
6.5AI Score
0.0004EPSS
CVE-2024-4962 D-Link DAR-7000-40 resmanage.php unrestricted upload
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, has been found in D-Link DAR-7000-40 V31R02B1413C. Affected by this issue is some unknown functionality of the file /useratte/resmanage.php. The manipulation of the argument file leads to unrestricted upload. The...
6.5AI Score
0.0004EPSS
CVE-2024-4961 D-Link DAR-7000-40 onlineuser.php unrestricted upload
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical was found in D-Link DAR-7000-40 V31R02B1413C. Affected by this vulnerability is an unknown functionality of the file /user/onlineuser.php. The manipulation of the argument file_upload leads to unrestricted upload. The attack...
6.6AI Score
0.0004EPSS
CVE-2024-4964 D-Link DAR-7000-40 urlblist.php unrestricted upload
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in D-Link DAR-7000-40 V31R02B1413C and classified as critical. This vulnerability affects unknown code of the file /firewall/urlblist.php. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated.....
6.6AI Score
0.0004EPSS
In pf_write_buf of FuseDaemon.cpp, there is possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7CVSS
7.2AI Score
0.0004EPSS
CVE-2024-4699 D-Link DAR-8000-10 importhtml.php deserialization
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230922. This issue affects some unknown processing of the file /importhtml.php. The manipulation of the argument sql leads to deserialization. The attack may be initiated....
6.5AI Score
0.0004EPSS