NVIDIA DALI contains a vulnerability in a component where an attacker could cause a heap-based buffer overflow. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, and information disclosure.
Omnissa Workspace ONEĀ® Assist for macOS contains a Local Privilege Escalation Vulnerability.
An improper implementation of TLS certificate validation vulnerability found in NETGEAR's ReadyCloud client app which could allow an attacker to performĀ attacker-in-the-middle (MiTM) style attacks impacting the product's confidentiality. This vulnerability affects the listed NETGEAR models...
Insufficient input validation in NETGEAR JR6150 (AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014) allows users connected to the local WiFi Networks to execute operating system commands.Ā NETGEAR JR6150 has reached End-of-Support phase as of 2018 , and no further security updates are pl...
Insufficient configuration management in the listed devicesĀ allows authenticated administrators connected to the local network to tamper with the system.
Insufficient input validation vulnerability in the listed NETGEARĀ devicesĀ allows authenticated administrators connected to the local network toĀ tamper with the router's integrity.
An insufficient input validation vulnerability in certain NETGEAR router models as listed allows an authenticated administrator with local network access to submit crafted input that bypasses intended management interface restrictions, resulting in unauthorized modification of protected router softw...
Insufficient input validation vulnerability in theĀ listed NETGEAR models allowsĀ authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.
Insufficient input validation vulnerability in theĀ listed NETGEAR models allowsĀ authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.
A buffer overflow vulnerability due to insufficient input validationĀ in theĀ listed NETGEAR models allowsĀ authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.
Insufficient input validation vulnerability in NETGEAR JR6150 (AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014) allows administrators connected to the local network to make unauthorized modification of router software and functionality.Ā NETGEARĀ JR6150 reached End-of-Support status in 2...
An information disclosure vulnerability in theĀ NETGEARĀ Orbi satellites (RBR/RBE/RBS Series) could allow a user connected to your network to gain administrator access to the Orbi router. The listed NETGEAR models are affected by this vulnerability. Orbi WiFi Systems without satellite devices are no...
Authenticated administrators connected to the local network can gain elevated access to the router and make unauthorized changes to router software and functionality.
AĀ NETGEARĀ security issue that could allow an attacker with ability to intercept and tamper with traffic between the router and the Internet to run commands on your device when the device administrator performs certain specific management actions.Ā This issue affects NETGEAR Orbi 370 series devices be...
CWE-611 Improper Restriction of XML External Entity Reference vulnerability exists that could cause information disclosure of server-side file contents when an attacker with a Data Center Expert user account submits crafted XML payloads to SOAP service endpoints.
Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in MOSK Information Technologies Ltd. CBS Platform allows SQL Injection. This issue affects CBS Platform: through 09062026.Ā Ā NOTE: The vendor was contacted and it was learned that the produc...
Mem0 versions through 0.2.8, fixed in commit ae7f406, contain a missing authorization vulnerability in the self-hosted server component where the POST /configure endpoint modifies global LLM provider and embedder configuration but only verifies authentication via JWT or X-API-Key without validating ...
A improper access control vulnerability in Fortinet FortiPortal 7.4.0 through 7.4.7, FortiPortal 7.2.0 through 7.2.8, FortiPortal 7.0 all versions may allow attacker to improper access control via <insert attack vector here>
A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4 through 5.0.5, FortiSandbox PaaS 5.0.4 through ...
Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation vulnerability in the privileged helper service. The helper validates connecting XPC clients using the client process identifier (PID) to verify code-signing identity. Because process identifiers can be reused...