Description
The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote attacker to execute system commands as root, by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network.
Base Score: 9.8 CRITICAL
CVE-2022-4043 Description The WP Custom Admin Interface WordPress plugin before 7.29 unserialize user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present. Base Score: 7.2 HIGH https://wpscan.com/vulnerability/ffff8c83-0a59-450a-9b40-c7f3af7205fc __________________________________ CVE-2022-3679 Description The Starter Templates by Kadence WP WordPress plugin before 1.2.17 […]
CVE-2023-23381 Description Visual Studio Remote Code Execution Vulnerability Base Score: 8.4 HIGH https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23381 CVE-2023-21823 Description Windows Graphics Component Remote Code Execution Vulnerability Base Score: 7.8 HIGH https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21823 CVE-2023-21815 Description Visual Studio Remote Code Execution Vulnerability Base Score: 8.4 HIGH https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21815 CVE-2023-21808 Description .NET and Visual Studio Remote Code Execution Vulnerability Base Score: 7.8 HIGH https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21808 ______________________________________________________ […]
CVE-2022-3724 Description Crash in the USB HID protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file on Windows Base Score: 7.5 HIGH https://www.wireshark.org/security/wnpa-sec-2022-08.html ____________________________ CVE-2022-46829 Description In JetBrains JetBrains Gateway before 2022.3 a client could connect without a valid token if the host consented. Base Score: 8.8 HIGH […]
Leave a Reply