| Page(s) : 1 ... 1211 1212 1213 1214 1215 1216 1217 1218 1219 1220 [1221] 1222 1223 1224 1225 1226 1227 1228 1229 1230 1231 ... | Result(s) : 301752 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 7.8 | 2025-01-14 | CVE-2025-21138 | cve | Substance3D - Designer versions 14.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current... |
| 7.8 | 2025-01-14 | CVE-2025-21139 | cve | Substance3D - Designer versions 14.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the c... |
| 6.5 | 2025-01-14 | CVE-2025-23018 | cve | IPv4-in-IPv6 and IPv6-in-IPv6 tunneling (RFC 2473) do not require the validation or verification of the source of a network packet, allowing an attacker to spoof and route arbit... |
| 6.5 | 2025-01-14 | CVE-2025-23019 | cve | IPv6-in-IPv4 tunneling (RFC 4213) allows an attacker to spoof and route traffic via an exposed network interface. |
| 4.7 | 2025-01-14 | CVE-2024-10253 | cve | A potential TOCTOU vulnerability was reported in PC Manager, Lenovo Browser, and Lenovo App Store that could allow a local attacker to cause a system crash. |
| 4.7 | 2025-01-14 | CVE-2024-10254 | cve | A potential buffer overflow vulnerability was reported in PC Manager, Lenovo Browser, and Lenovo App Store that could allow a local attacker to cause a system crash. |
| 6.8 | 2025-01-14 | CVE-2024-45102 | cve | A privilege escalation vulnerability was discovered that could allow a valid, authenticated LXCA user to escalate their permissions for a connected XCC instance when using LXCA ... |
| N/A | 2025-01-14 | CVE-2024-48760 | cve | An issue in GestioIP v3.5.7 allows a remote attacker to execute arbitrary code via the file upload function. The attacker can upload a malicious perlcmd.cgi file that overwrites... |
| N/A | 2025-01-14 | CVE-2024-50857 | cve | The ip_do_job request in GestioIP v3.5.7 is vulnerable to Cross-Site Scripting (XSS). It allows data exfiltration and enables CSRF attacks. The vulnerability requires specific u... |
| N/A | 2025-01-14 | CVE-2024-50858 | cve | Multiple endpoints in GestioIP v3.5.7 are vulnerable to Cross-Site Request Forgery (CSRF). An attacker can execute actions via the admin's browser by hosting a malicious UR... |
| N/A | 2025-01-14 | CVE-2024-50859 | cve | The ip_import_acl_csv request in GestioIP v3.5.7 is vulnerable to Reflected XSS. When a user uploads an improperly formatted file, the content may be reflected in the HTML respo... |
| N/A | 2025-01-14 | CVE-2024-50861 | cve | The ip_mod_dns_key_form.cgi request in GestioIP v3.5.7 is vulnerable to Stored XSS. An attacker can inject malicious code into the "TSIG Key" field, which is saved in the databa... |
| N/A | 2025-01-14 | CVE-2024-57471 | cve | H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the 2.4G wireless network processing function. Attackers who successfully exp... |
| N/A | 2025-01-14 | CVE-2024-57479 | cve | H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the mac address update function. Attackers who successfully exploit this vuln... |
| N/A | 2025-01-14 | CVE-2024-57480 | cve | H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the AP configuration function. Attackers who successfully exploit this vulner... |
| N/A | 2025-01-14 | CVE-2024-57482 | cve | H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the 5G wireless network processing function. Attackers who successfully explo... |
| N/A | 2025-01-14 | CVE-2024-21797 | cve | A command execution vulnerability exists in the adm.cgi set_TR069() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary co... |
| N/A | 2025-01-14 | CVE-2024-34166 | cve | An os command injection vulnerability exists in the touchlist_sync.cgi touchlistsync() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted set of HTTP reques... |
| N/A | 2025-01-14 | CVE-2024-34544 | cve | A command injection vulnerability exists in the wireless.cgi AddMac() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary ... |
| N/A | 2025-01-14 | CVE-2024-36258 | cve | A stack-based buffer overflow vulnerability exists in the touchlist_sync.cgi touchlistsync() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request... |
| Page(s) : 1 ... 1211 1212 1213 1214 1215 1216 1217 1218 1219 1220 [1221] 1222 1223 1224 1225 1226 1227 1228 1229 1230 1231 ... | Result(s) : 301752 |
