
CVE-2025-29363
دیروز
دیروز
0
Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to buffer overflow via the schedStartTime and schedEndTime parameters at /goform/saveParentControlInfo. This vulnerability allows attacker ...
نمایش کامل

CVE-2025-29362
دیروز
دیروز
0
Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the list parameter at /goform/setPptpUserList. This vulnerability allows attackers to cause a Denial of Service (Do ...
نمایش کامل

CVE-2025-29361
دیروز
دیروز
0
Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the list parameter at /goform/SetVirtualServerCfg. This vulnerability allows attackers to cause a Denial of Service ...
نمایش کامل

CVE-2025-29360
دیروز
دیروز
0
Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the time and timeZone parameters at /goform/SetSysTimeCfg. This vulnerability allows attackers to cause a Denial of ...
نمایش کامل

CVE-2025-29359
دیروز
دیروز
0
Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the deviceId parameter at /goform/saveParentControlInfo. This vulnerability allows attackers to cause a Denial of S ...
نمایش کامل

CVE-2025-29358
دیروز
دیروز
0
Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the firewallEn parameter at /goform/SetFirewallCfg. This vulnerability allows attackers to cause a Denial of Servic ...
نمایش کامل

CVE-2025-29357
دیروز
دیروز
0
Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the startIp and endIp parameters at /goform/SetPptpServerCfg. This vulnerability allows attackers to cause a Denial ...
نمایش کامل

CVE-2024-57348
دیروز
دیروز
0
Cross Site Scripting vulnerability in PecanProject pecan v.1.7.2 allows a remote attacker to execute arbitrary code via the crafted payload to the hostname, sitegroupid, lat, lon and sitename paramete ...
نمایش کامل

CVE-2024-28803
دیروز
دیروز
0
Cross-site scripting (XSS) vulnerability in Italtel S.p.A. i-MCS NFV v.12.1.0-20211215 allows unauthenticated remote attackers to inject arbitrary web script or HTML into HTTP/POST parameter
نمایش کامل

CVE-2024-22880
دیروز
دیروز
0
Cross Site Scripting vulnerability in Zadarma Zadarma extension v.1.0.11 allows a remote attacker to execute a arbitrary code via a crafted script to the webchat component.
نمایش کامل

CVE-2025-2280
دیروز
دیروز
0
Improper access control in web extension restriction feature in Devolutions Server 2024.3.13 and earlier allows an authenticated user to bypass the browser extension restriction feature.
نمایش کامل

CVE-2025-2278
دیروز
دیروز
0
Improper access control in temporary access requests and checkout requests endpoints in Devolutions Server 2024.3.13 and earlier allows an authenticated user to access information about these requests ...
نمایش کامل

CVE-2025-2277
دیروز
دیروز
0
Exposure of password in web-based SSH authentication component in Devolutions Server 2024.3.13 and earlier allows a user to unadvertently leak his SSH password due to missing password masking.
نمایش کامل

CVE-2025-1636
دیروز
دیروز
0
Exposure of sensitive information in My Personnal Credentials password history component in Devolutions Remote Desktop Manager 2024.3.29 and earlier on Windows allows an authenticated user to inadvert ...
نمایش کامل

CVE-2025-1635
دیروز
دیروز
0
Exposure of sensitive information in hub data source export feature in Devolutions Remote Desktop Manager 2024.3.29 and earlier on Windows allows a user exporting a hub data source to include his auth ...
نمایش کامل

CVE-2024-10942
دیروز
دیروز
0
The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 7.89 via deserialization of untrusted input in the 'replace_seri ...
نمایش کامل

CVE-2025-29998
دیروز
دیروز
0
This vulnerability exists in the CAP back office application due to missing rate limiting on OTP requests in an API endpoint. An authenticated remote attacker could exploit this vulnerability by sendi ...
نمایش کامل

CVE-2025-29997
دیروز
دیروز
0
This vulnerability exists in the CAP back office application due to improper authorization checks on certain API endpoints. An authenticated remote attacker could exploit this vulnerability by manipul ...
نمایش کامل

CVE-2025-29996
دیروز
دیروز
0
This vulnerability exists in the CAP back office application due to improper implementation of OTP verification mechanism in its API based login. A remote attacker with valid credentials could exploit ...
نمایش کامل

CVE-2025-29995
دیروز
دیروز
0
This vulnerability exists in the CAP back office application due to a weak password-reset mechanism implemented at API endpoints. An authenticated remote attacker with a valid login ID could exploit t ...
نمایش کامل

4 ماه قبل
4 ماه قبل
21
SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
نمایش کامل

5 ماه قبل
5 ماه قبل
14
reNgine 2.2.0 - Command Injection (Authenticated)
نمایش کامل

5 ماه قبل
5 ماه قبل
15
openSIS 9.1 - SQLi (Authenticated)
نمایش کامل

5 ماه قبل
5 ماه قبل
15
dizqueTV 1.5.3 - Remote Code Execution (RCE)
نمایش کامل

6 ماه قبل
6 ماه قبل
17
NoteMark < 0.13.0 - Stored XSS
نمایش کامل

6 ماه قبل
6 ماه قبل
13
Gitea 1.22.0 - Stored XSS
نمایش کامل

6 ماه قبل
6 ماه قبل
14
Invesalius3 - Remote Code Execution
نمایش کامل

6 ماه قبل
6 ماه قبل
24
Windows TCP/IP - RCE Checker and Denial of Service
نمایش کامل

6 ماه قبل
6 ماه قبل
16
Aurba 501 - Authenticated RCE
نمایش کامل

6 ماه قبل
6 ماه قبل
13
HughesNet HT2000W Satellite Modem - Password Reset
نمایش کامل

6 ماه قبل
6 ماه قبل
17
Elber Wayber Analog/Digital Audio STL 4.00 - Device Config Disclosure
نمایش کامل

6 ماه قبل
6 ماه قبل
16
Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
نمایش کامل

6 ماه قبل
6 ماه قبل
16
Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
نمایش کامل

6 ماه قبل
6 ماه قبل
16
Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
نمایش کامل

6 ماه قبل
6 ماه قبل
14
Helpdeskz v2.0.2 - Stored XSS
نمایش کامل

6 ماه قبل
6 ماه قبل
13
Calibre-web 0.6.21 - Stored XSS
نمایش کامل

7 ماه قبل
7 ماه قبل
17
Devika v1 - Path Traversal via 'snapshot_path'
نمایش کامل

7 ماه قبل
7 ماه قبل
13
Genexus Protection Server 9.7.2.10 - 'protsrvservice' Unquoted Service Path
نمایش کامل

7 ماه قبل
7 ماه قبل
15
SolarWinds Kiwi Syslog Server 9.6.7.1 - Unquoted Service Path
نمایش کامل

7 ماه قبل
7 ماه قبل
14
Oracle Database 12c Release 1 - Unquoted Service Path
نمایش کامل