Search Results (363284 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-51100 1 Tenda 2 W9, W9 Firmware 2024-11-21 9.8 Critical
Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a command injection vulnerability via the function formGetDiagnoseInfo .
CVE-2023-51099 1 Tenda 2 W9, W9 Firmware 2024-11-21 9.8 Critical
Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a command injection vulnerability via the function formexeCommand .
CVE-2023-51098 1 Tenda 2 W9, W9 Firmware 2024-11-21 9.8 Critical
Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a command injection vulnerability via the function formSetDiagnoseInfo .
CVE-2023-51095 1 Tenda 2 M3, M3 Firmware 2024-11-21 9.8 Critical
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function formDelWlRfPolicy.
CVE-2023-51094 1 Tenda 2 M3, M3 Firmware 2024-11-21 9.8 Critical
Tenda M3 V1.0.0.12(4856) was discovered to contain a Command Execution vulnerability via the function TendaTelnet.
CVE-2023-51093 1 Tenda 2 M3, M3 Firmware 2024-11-21 9.8 Critical
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function fromSetLocalVlanInfo.
CVE-2023-51092 1 Tenda 2 M3, M3 Firmware 2024-11-21 9.8 Critical
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function upgrade.
CVE-2023-51091 1 Tenda 2 M3, M3 Firmware 2024-11-21 9.8 Critical
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function R7WebsSecurityHandler.
CVE-2023-51090 1 Tenda 2 M3, M3 Firmware 2024-11-21 9.8 Critical
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function formGetWeiXinConfig.
CVE-2023-51079 2 Mvel, Redhat 2 Mvel, Apache Camel Spring Boot 2024-11-21 5.3 Medium
A long execution time can occur in the ParseTools.subCompileExpression method in MVEL 2.5.0.Final because of many Java class lookups. NOTE: the vendor disputes this because "the only thing that you could expect is that the parser will take a crazy amount of time to complete its task."
CVE-2023-51070 1 Qstar 1 Archive Storage Manager 2024-11-21 7.5 High
An access control issue in QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 allows unauthenticated attackers to arbitrarily adjust sensitive SMB settings on the QStar Server.
CVE-2023-51051 1 S-cms 1 S-cms 2024-11-21 9.8 Critical
S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_textauth parameter at /admin/ajax.php.
CVE-2023-51050 1 S-cms 1 S-cms 2024-11-21 9.8 Critical
S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_productauth parameter at /admin/ajax.php.
CVE-2023-51049 1 S-cms 1 S-cms 2024-11-21 9.8 Critical
S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_bbsauth parameter at /admin/ajax.php.
CVE-2023-51048 1 S-cms 1 S-cms 2024-11-21 9.8 Critical
S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_newsauth parameter at /admin/ajax.php.
CVE-2023-51043 2 Linux, Redhat 4 Linux Kernel, Enterprise Linux, Rhel Eus and 1 more 2024-11-21 7.0 High
In the Linux kernel before 6.4.5, drivers/gpu/drm/drm_atomic.c has a use-after-free during a race condition between a nonblocking atomic commit and a driver unload.
CVE-2023-51042 2 Linux, Redhat 5 Linux Kernel, Enterprise Linux, Logging and 2 more 2024-11-21 7.8 High
In the Linux kernel before 6.4.12, amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c has a fence use-after-free.
CVE-2023-51035 1 Totolink 2 Ex1200l, Ex1200l Firmware 2024-11-21 9.8 Critical
TOTOLINK EX1200L V9.3.5u.6146_B20201023 is vulnerable to arbitrary command execution on the cstecgi.cgi NTPSyncWithHost interface.
CVE-2023-51034 1 Totolink 2 Ex1200l, Ex1200l Firmware 2024-11-21 8.8 High
TOTOlink EX1200L V9.3.5u.6146_B20201023 is vulnerable to arbitrary command execution via the cstecgi.cgi UploadFirmwareFile interface.
CVE-2023-51033 1 Totolink 2 Ex1200l, Ex1200l Firmware 2024-11-21 9.8 Critical
TOTOlink EX1200L V9.3.5u.6146_B20201023 is vulnerable to arbitrary command execution via the cstecgi.cgi setOpModeCfg interface.