) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2024-34221 |
Sourcecodester Human Resource Management System 1.0 is vulnerable to Insecure Permissions resulting in privilege escalation. Published: May 14, 2024; 11:38:36 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-34220 |
Sourcecodester Human Resource Management System 1.0 is vulnerable to SQL Injection via the 'leave' parameter. Published: May 14, 2024; 11:38:35 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-34219 |
TOTOLINK CP450 V4.1.0cu.747_B20191224 was discovered to contain a vulnerability in the SetTelnetCfg function, which allows attackers to log in through telnet. Published: May 14, 2024; 11:38:35 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-34218 |
TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the NTPSyncWithHost function via the hostTime parameter. Published: May 14, 2024; 11:38:35 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-34217 |
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the addWlProfileClientMode function. Published: May 14, 2024; 11:38:35 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-34215 |
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setUrlFilterRules function. Published: May 14, 2024; 11:38:35 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-34213 |
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the SetPortForwardRules function. Published: May 14, 2024; 11:38:35 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-34212 |
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the CloudACMunualUpdate function. Published: May 14, 2024; 11:38:35 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-34211 |
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root. Published: May 14, 2024; 11:38:34 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-34210 |
TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the CloudACMunualUpdate function via the FileName parameter. Published: May 14, 2024; 11:38:34 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-34209 |
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setIpPortFilterRules function. Published: May 14, 2024; 11:38:34 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-34207 |
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setStaticDhcpConfig function. Published: May 14, 2024; 11:38:34 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-34206 |
TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the setWebWlanIdx function via the webWlanIdx parameter. Published: May 14, 2024; 11:38:34 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-34205 |
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the download_firmware function. Published: May 14, 2024; 11:38:33 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-34204 |
TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the setUpgradeFW function via the FileName parameter. Published: May 14, 2024; 11:38:33 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-34203 |
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setLanguageCfg function. Published: May 14, 2024; 11:38:33 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-34202 |
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setMacFilterRules function. Published: May 14, 2024; 11:38:33 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-34201 |
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the getSaveConfig function. Published: May 14, 2024; 11:38:33 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-34200 |
TOTOLINK CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setIpQosRules function. Published: May 14, 2024; 11:38:33 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2024-34199 |
TinyWeb 1.94 and below allows unauthenticated remote attackers to cause a denial of service (Buffer Overflow) when sending excessively large elements in the request line. Published: May 14, 2024; 11:38:32 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |