Submit #524744: H3C Technologies Co., Ltd. H3C Magic NX30 Pro\H3C NX400\H3C NX15\H3C R3010\H3C BE18000 <=V100R014 Command Injection [Accepted]
Submit #524744 / VDB-304584
Aggregator
Submit #524743: H3C Technologies Co., Ltd. H3C Magic NX30 Pro\H3C NX400\H3C NX15\H3C R3010\H3C BE18000 <=V100R014 Command Injection [Accepted]
17 hours 49 minutes ago
Submit #524743 / VDB-304583
mono7s
Submit #524739: H3C Technologies Co., Ltd. H3C Magic NX30 Pro \ Magic NX15 \ H3C NX400 \ H3C Magic R3010 <=V100R014 Command Injection [Accepted]
17 hours 49 minutes ago
Submit #524739 / VDB-304582
mono7s
Submit #524738: H3C Technologies Co., Ltd. H3C Magic NX30 Pro \ Magic NX15 \ H3C NX400 \ H3C Magic R3010 <=V100R014 Command Injection [Accepted]
17 hours 49 minutes ago
Submit #524738 / VDB-304581
mono7s
Submit #524737: H3C Technologies Co., Ltd. H3C Magic NX30 Pro \ Magic NX15 \ H3C NX400 \ H3C Magic R3010 <=V100R014 Command Injection [Accepted]
17 hours 49 minutes ago
Submit #524737 / VDB-304580
mono7s
Submit #524734: H3C Technologies Co., Ltd. Magic NX30 Pro \ Magic NX15 \ H3C NX400 \ H3C Magic R3010 <=V100R014 Command Injection [Accepted]
17 hours 49 minutes ago
Submit #524734 / VDB-304579
mono7s
Submit #521814: H3C H3C Magic NX30 Pro\H3C NX400\H3C NX15\H3C R3010\H3C BE18000 <=V100R014 Command Injection [Accepted]
17 hours 49 minutes ago
Submit #521814 / VDB-304578
Sta8r9
G.O.S.S.I.P 2025年4月投稿指南
17 hours 51 minutes ago
清明时节雨纷纷,路上行人欲断魂。我们在4月为大家准备了如下一些礼物,欢迎大家积极投稿哦~
G.O.S.S.I.P 阅读推荐 2025-04-13 摧毁Intel 熔丝加密密钥安全防护
17 hours 51 minutes ago
本文转载自“华东师范大学密码学院”公众号,欢迎关注想象一下,你在家中安装了世界上最先进的安全系统——钛合金大
CVE-2024-1999 | Kadence Gutenberg Blocks Plugin up to 3.2.25 on WordPress Testimonial Widget cross site scripting
17 hours 56 minutes ago
A vulnerability was found in Kadence Gutenberg Blocks Plugin up to 3.2.25 on WordPress. It has been declared as problematic. This vulnerability affects unknown code of the component Testimonial Widget. The manipulation leads to cross site scripting.
This vulnerability was named CVE-2024-1999. The attack can be initiated remotely. There is no exploit available.
vuldb.com
CVE-2024-2821 | DedeCMS 5.7 friendlink_edit.php ID cross-site request forgery
17 hours 56 minutes ago
A vulnerability, which was classified as problematic, has been found in DedeCMS 5.7. Affected by this issue is some unknown functionality of the file /src/dede/friendlink_edit.php. The manipulation of the argument ID leads to cross-site request forgery.
This vulnerability is handled as CVE-2024-2821. The attack may be launched remotely. Furthermore, there is an exploit available.
The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com
CVE-2024-2822 | DedeCMS 5.7 /src/dede/vote_edit.php aid cross-site request forgery
17 hours 56 minutes ago
A vulnerability, which was classified as problematic, was found in DedeCMS 5.7. This affects an unknown part of the file /src/dede/vote_edit.php. The manipulation of the argument aid leads to cross-site request forgery.
This vulnerability is uniquely identified as CVE-2024-2822. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com
CVE-2024-2820 | DedeCMS 5.7 /src/dede/baidunews.php filename cross-site request forgery
17 hours 56 minutes ago
A vulnerability classified as problematic was found in DedeCMS 5.7. Affected by this vulnerability is an unknown functionality of the file /src/dede/baidunews.php. The manipulation of the argument filename leads to cross-site request forgery.
This vulnerability is known as CVE-2024-2820. The attack can be launched remotely. Furthermore, there is an exploit available.
The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com
CVE-2024-2823 | DedeCMS 5.7 /src/dede/mda_main.php cross-site request forgery
17 hours 56 minutes ago
A vulnerability has been found in DedeCMS 5.7 and classified as problematic. This vulnerability affects unknown code of the file /src/dede/mda_main.php. The manipulation leads to cross-site request forgery.
This vulnerability was named CVE-2024-2823. The attack can be initiated remotely. Furthermore, there is an exploit available.
The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com
CVE-2024-2824 | Matthias-Wandel jhead 3.08 exif.c PrintFormatNumber heap-based overflow (Issue 84)
17 hours 56 minutes ago
A vulnerability was found in Matthias-Wandel jhead 3.08 and classified as critical. This issue affects the function PrintFormatNumber of the file exif.c. The manipulation leads to heap-based buffer overflow.
The identification of this vulnerability is CVE-2024-2824. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2024-1848 | Dassault Systèmes SOLIDWORKS Desktop 2024/2024 SP1 File use after free
17 hours 56 minutes ago
A vulnerability has been found in Dassault Systèmes SOLIDWORKS Desktop 2024/2024 SP1 and classified as critical. Affected by this vulnerability is an unknown functionality of the component File Handler. The manipulation leads to use after free.
This vulnerability is known as CVE-2024-1848. It is possible to launch the attack on the local host. There is no exploit available.
vuldb.com
Захлопнули дверь, забыли про окна: обновленный FortiGate продолжает сливать данные шпионам
18 hours 10 minutes ago
Пока вы читаете этот заголовок, они шарятся в ваших файлах через символические ссылки.
CVE-2025-3248 | langflow-ai langflow up to 1.2.0 HTTP Request /api/v1/validate/code missing authentication
18 hours 22 minutes ago
A vulnerability has been found in langflow-ai langflow up to 1.2.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /api/v1/validate/code of the component HTTP Request Handler. The manipulation leads to missing authentication.
This vulnerability is known as CVE-2025-3248. The attack can be launched remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2004-2548 | Netwin Surgemail up to 2.0a2 Error Message cross site scripting (EDB-24177 / XFDB-16320)
18 hours 33 minutes ago
A vulnerability, which was classified as problematic, was found in Netwin Surgemail up to 2.0a2. Affected is an unknown function of the component Error Message Handler. The manipulation leads to basic cross site scripting.
This vulnerability is traded as CVE-2004-2548. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-29944 | Mozilla Firefox up to 124.0.0 Event cross site scripting (DLA 3775-1)
18 hours 33 minutes ago
A vulnerability was found in Mozilla Firefox up to 124.0.0. It has been declared as problematic. This vulnerability affects unknown code of the component Event Handler. The manipulation leads to cross site scripting.
This vulnerability was named CVE-2024-29944. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com