Description In ZNC before 1.9.1, remote code execution can occur in modtcl via a KICK. References https://wiki.znc.in/Category:ChangeLog https://github.com/znc/znc/releases/tag/znc-1.9.1 https://wiki.znc.in/ChangeLog/1.9.1 https://www.openwall.com/lists/oss-security/2024/07/03/9 http://www.openwall.com/lists/oss-security/2024/07/03/9 For More Information CVERecord
Description An os command injection vulnerability exists in the CWMP SelfDefinedTimeZone functionality of Grandstream GXP2135 1.0.9.129, 1.0.11.74 and 1.0.11.79. A specially crafted network packet can…
Description An authentication bypass in the SSH service of gost v2.11.5 allows attackers to intercept communications via setting the HostKeyCallback function to ssh.InsecureIgnoreHostKey. References https://github.com/ginuerzh/gost/issues/1034…
Description A high privileged remote attacker can execute arbitrary system commands via GET requests due to improper neutralization of special elements used in an OS…
Description Uncontrolled Resource Consumption vulnerability in MESbook 20221021.03 version. An unauthenticated remote attacker can use the "message" parameter to inject a payload with dangerous JavaScript…
Description Mattermost versions 9.8.x