Description
The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote attacker to execute system commands as root, by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network.
Base Score: 9.8 CRITICAL
CVE-2022-2536 Description The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions up to, and including, 1.0.8.1. This is due to insufficient validation of settings on the ‘tp_translation’ AJAX action which makes it possible for unauthenticated attackers to bypass any restrictions and influence the data shown on […]
CVE-2022-3724 Description Crash in the USB HID protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file on Windows Base Score: 7.5 HIGH https://www.wireshark.org/security/wnpa-sec-2022-08.html ____________________________ CVE-2022-46829 Description In JetBrains JetBrains Gateway before 2022.3 a client could connect without a valid token if the host consented. Base Score: 8.8 HIGH […]
CVE-2023-21819 Description Windows Secure Channel Denial of Service Vulnerability Base Score: 7.5 HIGH https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21819 CVE-2023-21820 Description Windows Distributed File System (DFS) Remote Code Execution Vulnerability Base Score: 7.4 HIGH https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21820 CVE-2023-21822 Description Windows Graphics Component Elevation of Privilege Vulnerability Base Score: 7.8 HIGH https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21822 CVE-2023-23374 Description Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Base Score: 8.3 […]
Leave a Reply