| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub_4143F0. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter timestr. |
| An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the protal_delete_picname parameter in the sub_41171C function at bin/webmgnt. |
| An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the ifname and mac parameters in the sub_410074 function at bin/webmgnt. |
| An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the destination parameter of sub_431F64 function in bin/webmgnt. |
| An issue in Wavlink WL_WNJ575A3 v.R75A3_V1410_220513 allows a remote attacker to execute arbitrary code via username parameter of the set_sys_adm function in adm.cgi. |
| An issue in LangChain v.0.0.231 allows a remote attacker to execute arbitrary code via the prompt parameter. |
| Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the mp4info function in mp4read.c:1039. |
| Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:411. |
| Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:395. |
| Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the transcode_latin1_to_utf8 function in xlstool.c:296. |
| Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the xls_parseWorkBook function in xls.c:1015. |
| Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the xls_parseWorkBook function in xls.c:1018. |
| Buffer Overflow vulnerability in Michaelrsweet codedoc v.3.7 allows an attacker to cause a denial of service via the codedoc.c:1742 comppnent. |
| An issue in tire-sales Line v.13.6.1 allows a remote attacker to obtain sensitive information via crafted GET request. |
| An issue in rmc R Beauty CLINIC Line v.13.6.1 allows a remote attacker to obtain sensitive information via crafted GET request. |
| An issue in CHRISTINA JAPAN Line v.13.6.1 allows a remote attacker to obtain sensitive information via crafted GET request. |
| An issue in Marbre Lapin Line v.13.6.1 allows a remote attacker to obtain sensitive information via crafted GET request. |
| An issue in Anglaise Company Anglaise.Company v.13.6.1 allows a remote attacker to obtain sensitive information via crafted GET request. |
| An issue in Atlos v.1.0 allows an authenticated attacker to execute arbitrary code via a crafted payload into the description field in the incident function. |
| Bitwarden Desktop 2023.7.0 and below allows an attacker with local access to obtain sensitive information via the Bitwarden.exe process. |