CVE Schwachstellen
CVE-Datenbank angereichert mit CISA KEV und NVD Daten
| CVE ID | CVSS | Schweregrad | KEV | Sichtungen |
|---|---|---|---|---|
| CVE-2018-21114 Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.44, EX6150v2 before 1.0.1.70, EX6100v2 before 1.0.1.70, EX6200v2 before 1.0.1.64, EX... | 6.8 | MEDIUM | — | 0 |
| CVE-2018-21115 NETGEAR XR500 devices before 2.3.2.32 are affected by remote code execution by unauthenticated attackers. | 8.8 | HIGH | — | 0 |
| CVE-2018-21116 NETGEAR XR500 devices before 2.3.2.32 are affected by remote code execution by unauthenticated attackers. | 8.8 | HIGH | — | 0 |
| CVE-2018-21117 NETGEAR XR500 devices before 2.3.2.32 are affected by remote code execution by unauthenticated attackers via the traceroute handler. | 8.8 | HIGH | — | 0 |
| CVE-2018-21150 Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.50, R6100 before 1.0.1.22, R7500 before 1.0.0.122... | 6.8 | MEDIUM | — | 0 |
| CVE-2019-19104 The web server in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows access to different endpoints of the application without authenticating by accessing a specific uniform... | 9.1 | CRITICAL | — | 0 |
| CVE-2019-19105 The backup function in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway saves the current settings and configuration of the application, including credentials of existing user a... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-19106 Improper implementation of Access Control in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows an unauthorized user to access data marked as restricted, such as viewing or... | 9.1 | CRITICAL | — | 0 |
| CVE-2019-19107 The Configuration pages in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway for user profiles and services transfer the password in plaintext (although hidden when displayed). | 6.2 | MEDIUM | — | 0 |
| CVE-2020-4085 "HCL Connections is vulnerable to possible information leakage and could disclose sensitive information via stack trace to a local user." | 6.5 | MEDIUM | — | 0 |
| CVE-2023-38514 Missing Authorization vulnerability in social share pro Social Share Icons & Social Share Buttons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Social Shar... | 4.3 | MEDIUM | — | 0 |
| CVE-2020-8477 The installations for ABB System 800xA Information Manager versions 5.1, 6.0 to 6.0.3.2 and 6.1 wrongly contain an auxiliary component. An attacker is able to use this for an XSS-like attack to an aut... | 8.8 | HIGH | — | 0 |
| CVE-2017-18759 Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R8300 before 1.0.2.104 and R8500 before 1.0.2.104. | 6.8 | MEDIUM | — | 0 |
| CVE-2017-18761 NETGEAR R8000 devices before 1.0.4.2 are affected by a stack-based buffer overflow by an authenticated user. | 6.8 | MEDIUM | — | 0 |
| CVE-2017-18762 Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D3600 before 1.0.0.68, D6000 before 1.0.0.68, D6100 before 1.0.0.57, R6100 before 1.0.1.16, R6900... | 8.8 | HIGH | — | 0 |
| CVE-2017-18763 Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects JNR1010v2 before 1.1.0.42, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.42, PR2000 before 1.0.0.18... | 6.5 | MEDIUM | — | 0 |
| CVE-2017-18764 Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D6100 before 1.0.0.55, D7000 before 1.0.1.50, D7800 before 1.0.1.28, JNR1010v2 before 1.1.0.44, J... | 8.8 | HIGH | — | 0 |
| CVE-2017-18765 Certain NETGEAR devices are affected by denial of service. This affects R6300v2 before 1.0.4.8, R6400 before 1.0.1.22, R6400v2 before 1.0.2.32, R6700 before 1.0.1.20, R6900 before 1.0.1.20, WNR3500Lv2... | 6.5 | MEDIUM | — | 0 |
| CVE-2017-18766 Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects DST6501 before 1.1.0.6 and WNR2000v2 before 1.2.0.8. | 6.5 | MEDIUM | — | 0 |
| CVE-2017-18767 Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.34, D8500 before 1.0.3.39, R6400 before 1.0.1.14, R6400v2 before 1.0.2.32, R6700 bef... | 6.8 | MEDIUM | — | 0 |
| CVE-2017-18768 Certain NETGEAR devices are affected by CSRF. This affects EX6100 before 1.0.2.16_1.1.130, EX6100v2 before 1.0.1.70, EX6150v2 before 1.0.1.54, EX6200v2 before 1.0.1.50, EX6400 before 1.0.1.60, EX7300 ... | 8.8 | HIGH | — | 0 |
| CVE-2018-21118 NETGEAR XR500 devices before 2.3.2.32 are affected by authentication bypass. | 8.8 | HIGH | — | 0 |
| CVE-2025-43014 In JetBrains Toolbox App before 2.6 the SSH plugin established connections without sufficient user confirmation | 6.1 | MEDIUM | — | 0 |
| CVE-2018-21119 Certain NETGEAR devices are affected by command injection by an authenticated user. This affects WAC505 before 5.0.5.4 and WAC510 before 5.0.5.4. | 6.8 | MEDIUM | — | 0 |
| CVE-2018-21120 Certain NETGEAR devices are affected by CSRF. This affects WAC120 before 2.1.7, WAC505 before 5.0.5.4, WAC510 before 5.0.5.4, WNAP320 before 3.7.11.4, WNAP210v2 before 3.7.11.4, WNDAP350 before 3.7.11... | 8.0 | HIGH | — | 0 |
| CVE-2018-21121 Certain NETGEAR devices are affected by authentication bypass. This affects GS810EMX before 1.0.0.5, XS512EM before 1.0.0.6, and XS724EM before 1.0.0.6. | 8.8 | HIGH | — | 0 |
| CVE-2018-21122 Certain NETGEAR devices are affected by denial of service. This affects GS110EMX before 1.0.0.9, GS810EMX before 1.0.0.5, XS512EM before 1.0.0.6, and XS724EM before 1.0.0.6. | 6.5 | MEDIUM | — | 0 |
| CVE-2018-21123 Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects WC7500 before 6.5.3.9, WC7520 before 6.5.3.9, WC7600v1 before 6.5.3.9, and WC7600v2 before 6.5.3.... | 8.8 | HIGH | — | 0 |
| CVE-2020-11821 In Rukovoditel 2.5.2, users' passwords and usernames are stored in a cookie with URL encoding, base64 encoding, and hashing. Thus, an attacker can easily apply brute force on them. | 5.3 | MEDIUM | — | 0 |
| CVE-2018-21124 NETGEAR WAC510 devices before 5.0.0.17 are affected by privilege escalation. | 8.8 | HIGH | — | 0 |
| CVE-2018-21125 NETGEAR WAC510 devices before 5.0.0.17 are affected by authentication bypass. | 8.8 | HIGH | — | 0 |
| CVE-2018-21126 Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects WAC505 before 5.0.0.17 and WAC510 before 5.0.0.17. | 8.8 | HIGH | — | 0 |
| CVE-2020-10712 A flaw was found in OpenShift Container Platform version 4.1 and later. Sensitive information was found to be logged by the image registry operator allowing an attacker able to gain access to those lo... | 7.0 | HIGH | — | 0 |
| CVE-2020-5740 Improper Input Validation in Plex Media Server on Windows allows a local, unauthenticated attacker to execute arbitrary Python code with SYSTEM privileges. | 7.8 | HIGH | — | 0 |
| CVE-2020-7642 lazysizes through 5.2.0 allows execution of malicious JavaScript. The following attributes are not sanitized by the video-embed plugin: data-vimeo, data-vimeoparams, data-youtube and data-ytparams whi... | 5.4 | MEDIUM | — | 0 |
| CVE-2017-18752 Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6120 before 1.0.0.32, EX6130 before 1.0.0.16, R630... | 6.5 | MEDIUM | — | 0 |
| CVE-2017-18754 Certain NETGEAR devices are affected by command injection by an authenticated user. This affects WNDR3700v4 before 1.0.2.88, WNDR4300v1 before 1.0.2.90, and WNR2000v5 before 1.0.0.58. | 6.8 | MEDIUM | — | 0 |
| CVE-2017-18755 Certain NETGEAR devices are affected by CSRF. This affects R6300v2 before 1.0.4.8, R6400v2 before 1.0.2.32, R6700 before 1.0.1.22, R6900 before 1.0.1.22, R7000P before 1.0.0.86, R6900P before 1.0.0.56... | 8.8 | HIGH | — | 0 |
| CVE-2017-18756 Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6220 before 1.0.0.32, D6400 before 1.0.0.66, D8500 before 1.0.3.35, DGN2200Bv4 before 1.0.0.94, DGN2... | 8.8 | HIGH | — | 0 |
| CVE-2017-18757 Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D7800 before 1.0.1.30, R6100 before 1.0.1.16, R7500 before 1.0.0.116, R7500v2 before 1.0.3.20, R7800 ... | 5.4 | MEDIUM | — | 0 |
| CVE-2017-18758 Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 before 1.1.0.42. | 8.0 | HIGH | — | 0 |
| CVE-2019-20787 Teeworlds before 0.7.4 has an integer overflow when computing a tilemap size. | 9.8 | CRITICAL | — | 0 |
| CVE-2020-11011 In Phproject before version 1.7.8, there's a vulnerability which allows users with access to file uploads to execute arbitrary code. This is patched in version 1.7.8. | 9.9 | CRITICAL | — | 0 |
| CVE-2020-12066 CServer::SendMsg in engine/server/server.cpp in Teeworlds 0.7.x before 0.7.5 allows remote attackers to shut down the server. | 7.5 | HIGH | — | 0 |
| CVE-2018-18405 jQuery v2.2.2 allows XSS via a crafted onerror attribute of an IMG element. NOTE: this vulnerability has been reported to be spam entry | 6.1 | MEDIUM | — | 0 |
| CVE-2018-21127 Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects WAC505 before 5.0.0.17 and WAC510 before 5.0.0.17. | 8.8 | HIGH | — | 0 |
| CVE-2018-21128 Certain NETGEAR devices are affected by authentication bypass. This affects WAC505 before 5.0.0.17 and WAC510 before 5.0.0.17. | 8.8 | HIGH | — | 0 |
| CVE-2018-21129 Certain NETGEAR devices are affected by disclosure of sensitive information. This affects WAC505 before 5.0.0.17 and WAC510 before 5.0.0.17. | 6.5 | MEDIUM | — | 0 |
| CVE-2018-21130 Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects WAC505 before 5.0.0.17 and WAC510 before 5.0.0.17. | 8.8 | HIGH | — | 0 |
| CVE-2020-7055 An issue was discovered in Elementor 2.7.4. Arbitrary file upload is possible in the Elementor Import Templates function, allowing an attacker to execute code via a crafted ZIP archive. | 9.9 | CRITICAL | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.