Aggregator

A vulnerability classified as problematic was found in Sun Solaris 2.5.1/2.6/7.0. This vulnerability affects unknown code of the file arp of the component Parser. The manipulation of the argument -f leads to improper privilege management. This vulnerability was named CVE-1999-0859. Local access is required to approach this attack. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox up to 59.0.3. It has been classified as critical. This affects an unknown part of the component Skia. The manipulation leads to out-of-bounds write. This vulnerability is uniquely identified as CVE-2018-5159. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Name: Advent of CTF 2024 (an CyberStudents’ Advent of CTF event.)
Date: Dec. 1, 2024, 8 p.m. — 01 Jan. 2025, 04:59 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://cyberstudents.net/advent
Rating weight: 0
Event organizers: CyberStudentsCTF

A vulnerability was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. It has been declared as critical. This vulnerability affects unknown code of the file /goform/form2NetSniper.cgi. The manipulation leads to improper access controls. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability was named CVE-2024-13108. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply restrictive firewalling.

A vulnerability was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. It has been classified as critical. This affects an unknown part of the file /goform/form2LocalAclEditcfg.cgi of the component ACL Handler. The manipulation leads to improper access controls. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is uniquely identified as CVE-2024-13107. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to apply restrictive firewalling.

A vulnerability was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210 and classified as critical. Affected by this issue is some unknown functionality of the file /goform/form2IPQoSTcAdd of the component IP QoS Handler. The manipulation leads to improper access controls. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is handled as CVE-2024-13106. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to apply restrictive firewalling.

A vulnerability has been found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/form2Dhcpd.cgi of the component DHCPD Setting Handler. The manipulation leads to improper access controls. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is known as CVE-2024-13105. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to apply restrictive firewalling.

A vulnerability, which was classified as critical, was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. Affected is an unknown function of the file /goform/form2AdvanceSetup.cgi of the component WiFi Settings Handler. The manipulation leads to improper access controls. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is traded as CVE-2024-13104. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to apply restrictive firewalling.

A vulnerability, which was classified as critical, has been found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. This issue affects some unknown processing of the file /goform/form2AddVrtsrv.cgi of the component Virtual Service Handler. The manipulation leads to improper access controls. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. The identification of this vulnerability is CVE-2024-13103. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply restrictive firewalling.

A vulnerability classified as critical was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. This vulnerability affects unknown code of the file /goform/DDNS of the component DDNS Service. The manipulation leads to improper access controls. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability was named CVE-2024-13102. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply restrictive firewalling.

Overview of Content Published in December Filed under: Announcement — Didier Stevens @ 8

Submit #472088 / VDB-289924

Submit #472087 / VDB-289923

Submit #472086 / VDB-289922

Submit #472085 / VDB-289921

Submit #472076 / VDB-289920

Submit #472075 / VDB-289919

Submit #472074 / VDB-289918

注意事项本脚本是基于vnstat的流量统计，vnstat只会在安装后开始统计流量!TC模式无法防止DDoS消耗流量，流量消耗速度仍然较快！欢迎PR修复(如果可以修复的话)。如果遇到GitHub API