A vulnerability was found in Intelbras VIP S3020 G2, VIP S4020 G2, VIP S4020 G3 and VIP S4320 G2 up to 20241222. It has been classified as critical. This affects an unknown part of the file ../mtd/Config/Sha1Account1 of the component Web Interface. The manipulation leads to path traversal: '../filedir'. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
This vulnerability is uniquely identified as CVE-2024-12897. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
It is recommended to apply restrictive firewalling.
A vulnerability was found in Beijing Longda Jushang Technology DBShop商城系统 3.3 Release 231225. It has been declared as problematic. This vulnerability affects unknown code of the file /home-order. The manipulation of the argument orderStatus with the input %22%3E%3Csvg%20onload=alert(5888)%3E leads to cross site scripting.
This vulnerability was named CVE-2024-12991. The attack can be initiated remotely. Furthermore, there is an exploit available.
The vendor was contacted early about this disclosure but did not respond in any way.
The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability was found in ruifang-tech Rebuild 3.8.6. It has been classified as problematic. This affects an unknown part of the file /user/admin-verify of the component Admin Verification Page. The manipulation of the argument nexturl with the input http://localhost/evil.html leads to open redirect.
This vulnerability is uniquely identified as CVE-2024-12990. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
The vendor was contacted early about this disclosure but did not respond in any way.
The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability was found in WISI Tangram GT31 up to 20241214 and classified as problematic. Affected by this issue is some unknown functionality of the component HTTP Request Handler. The manipulation leads to server-side request forgery.
This vulnerability is handled as CVE-2024-12989. The attack may be launched remotely. There is no exploit available.
The vendor was contacted early about this disclosure but did not respond in any way.
It is recommended to apply restrictive firewalling.
The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability, which was classified as very critical, has been found in NapShare 1.2. This issue affects the function auto_filter_extern of the file auto.c. The manipulation leads to memory corruption.
The identification of this vulnerability is CVE-2004-1286. The attack may be initiated remotely. Furthermore, there is an exploit available.
A vulnerability has been found in Netgear R6900P and R7000P 1.3.3.154 and classified as critical. Affected by this vulnerability is the function sub_16C4C of the component HTTP Header Handler. The manipulation of the argument Host leads to buffer overflow.
This vulnerability is known as CVE-2024-12988. The attack can be launched remotely. Furthermore, there is an exploit available.
The vendor was contacted early about this disclosure but did not respond in any way.
It is recommended to apply restrictive firewalling.
The vendor was contacted early about this disclosure but did not respond in any way.
A Brazilian citizen faces U.S. charges for allegedly threatening to release data stolen from a company in a March 2020 security breach. The U.S. government has charged the Brazilian citizen Junior Barros De Oliveira, 29, with allegedly threatening to release data stolen from a company during a March 2020 security breach. De Oliveira was charged […]
A vulnerability classified as problematic was found in Linux Kernel 4.8.0. Affected by this vulnerability is an unknown functionality in the library /lib/udev/rules.d/50-udev-default.rules of the component udevd. The manipulation leads to command injection.
This vulnerability is known as CVE-2017-7874. An attack has to be approached locally. Furthermore, there is an exploit available.