WTCMS 1.0 Background Links cross site scripting
A vulnerability has been found in WTCMS 1.0 and classified as problematic. This vulnerability affects an unknown function of the
Zoomsounds Plugin up to 6.45 on WordPress Configuration wp-config.php dzsap_download link pathname traversal
A vulnerability, which was classified as critical, was found in Zoomsounds Plugin up to 6.45 on WordPress (WordPress Plugin). This
OneNav 0.9.12 Add Link cross site scripting
A vulnerability has been found in OneNav 0.9.12 and classified as problematic. Affected by this vulnerability is some unknown processing
Claws Mail/Sylpheed Link textview.c textview_uri_security_check Privilege Escalation
A vulnerability classified as problematic was found in Claws Mail and Sylpheed (Mail Client Software) (affected version unknown). Affected by
QNAP QTS/QuTS Hero/QuTScloud myQNAPcloud Link insecure storage of sensitive information
A vulnerability was found in QNAP QTS, QuTS Hero and QuTScloud (Network Attached Storage Software) (the affected version unknown). It
Cisco Video Surveillance 7000 Series IP Cameras Cisco Discovery and Link Layer Discovery Protocol Memory Leak Vulnerabilities
When considering software upgrades, customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page, to determine exposure and a complete upgrade solution.
In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.
Fixed Releases
At the time of publication, Cisco Video Surveillance 7000 Series IP Cameras firmware releases 2.12.3 and later contained the fix for these vulnerabilities.
To download the firmware updates from the Software Center on Cisco.com, click Browse all, choose Connected Safety and Security > Video Surveillance IP Cameras > Video Surveillance 7000 Series IP Cameras, and then choose the correct camera model.
CVE-2024-27521 : TOTOLINK A3300R 17.0.0CU.557_B20221024 SETOPMODECFG IMPROPER AUTHENTICATION
Description TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain an unauthenticated remote command execution (RCE) vulnerability via multiple parameters in the
CVE-2024-28283 : LINKSYS E1000 UP TO 2.1.03 PC_CHANGE_ACT STACK-BASED OVERFLOW
Description There is stack-based buffer overflow vulnerability in pc_change_act function in Linksys E1000 router firmware version v.2.1.03 and before, leading
CVE-2024-25331 : D-LINK DIR-822 REV B/DIR-822-CA REV B HNAP STACK-BASED OVERFLOW
Description DIR-822 Rev. B Firmware v2.02KRB09 and DIR-822-CA Rev. B Firmware v2.03WWb01 suffer from a LAN-Side Unauthenticated Remote Code Execution
CVE-2024-1783 : TOTOLINK LR1200GB 9.1.0U.6619_B20230130/9.3.5U.6698_B20230810 WEB INTERFACE /CGI-BIN/CSTECGI.CGI LOGINAUTH HTTP_HOST STACK-BASED OVERFLOW
Description A vulnerability classified as critical has been found in Totolink LR1200GB 9.1.0u.6619_B20230130/9.3.5u.6698_B20230810. Affected is the function loginAuth of the
CVE-2024-22853 : D-LINK GO-RT-AC750 101B03 HARD-CODED PASSWORD
Description D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded password for the Alphanetworks account, which allows remote attackers to obtain root access
CVE-2023-7095 : TOTOLINK A7100RU 7.4CU.2313_B20191024 HTTP POST REQUEST CSTECGI.CGI MAIN FLAG BUFFER OVERFLOW
Description A vulnerability, which was classified as critical, has been found in Totolink A7100RU 7.4cu.2313_B20191024. Affected by this issue is
CVE-2023-5972 : LINUX KERNEL UP TO 6.6-RC6 NETLINK ATTRIBUTE NFT_INNER.C NULL POINTER DEREFERENCE
Description A null pointer dereference flaw was found in the nft_inner.c functionality of netfilter in the Linux kernel. This issue
CVE-2023-36089 : D-LINK DIR-645 1.03 PHPCGI_MAIN IMPROPER AUTHENTICATION
Description ** UNSUPPORTED WHEN ASSIGNED ** Authentication Bypass vulnerability in D-Link DIR-645 firmware version 1.03 allows remote attackers to gain
CVE-2023-27216 : D-LINK DSL-3782 1.03 NETWORK SETTING PRIVILEGE ESCALATION
Description An issue found in D-Link DSL-3782 v.1.03 allows remote authenticated users to execute arbitrary code as root via the
CVE-2023-1389 : TP-LINK ARCHER AX21 PRIOR 1.1.4 BUILD 20230219 WEB MANAGEMENT INTERFACE LOCALE POPEN COUNTRY OS COMMAND INJECTION
Description TP-Link Archer AX21 (AX1800) firmware versions before 1.1.4 Build 20230219 contained a command injection vulnerability in the country form
CVE-2022-48108 : D-LINK DIR-878 1.30B08 SUBNETMASK COMMAND INJECTION
Description D-Link DIR_878_FW1.30B08 was discovered to contain a command injection vulnerability via the component /SetNetworkSettings/SubnetMask. This vulnerability allows attackers to
Microsoft Edge Blink Remote Code Execution [CVE-2022-0113]
A vulnerability was found in Microsoft Edge (Web Browser) (unknown version). It has been rated as critical. This issue affects
D-Link DIR-2640 1.11B02 Quagga Service path traversal
A vulnerability was found in D-Link DIR-2640 1.11B02 (Router Operating System). It has been rated as critical. This issue affects
D-Link DIR-2640 1.11B02 Quagga Service hard-coded credentials
A vulnerability classified as very critical has been found in D-Link DIR-2640 1.11B02 (Router Operating System). Affected is some unknown
Trendnet AC2600 TEW-827DRU 2.08B01 Bittorrent symlink
A vulnerability classified as critical was found in Trendnet AC2600 TEW-827DRU 2.08B01. Affected by this vulnerability is an unknown function
TP-LINK AX10v1 prior 1_211117 Web Interface Privilege Escalation
A vulnerability classified as critical has been found in TP-LINK AX10v1. Affected is an unknown part of the component Web
ToTop Link Plugin up to 1.7.1 on WordPress base64 User Input unserialize deserialization
A vulnerability was found in ToTop Link Plugin up to 1.7.1 on WordPress (WordPress Plugin). It has been classified as
Samsung Internet up to 16.0.1 SearchKeyword Deeplink input validation
A vulnerability has been found in Samsung Internet up to 16.0.1 and classified as critical. Affected by this vulnerability is