Security
Headlines
HeadlinesLatestCVEs

Tag

#firefox

Adapt Inventory Management System 1.0.0 SQL Injection

Adapt Inventory Management System version 1.0.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Packet Storm
Open in Source
#sql#vulnerability#windows#google#php#auth#firefox
Active Newspaper 2.0 HTML Injection

Active Newspaper version 2.0 suffers from an html injection vulnerability.

Mullvad VPN Introduces Mullvad Leta: A Privacy-Focused Search Engine

By Waqas The Mullvad Leta search engine is accessible exclusively to users with a paid Mullvad VPN account. This is a post from HackRead.com Read the original post: Mullvad VPN Introduces Mullvad Leta: A Privacy-Focused Search Engine

CVE-2023-36355: iotvul/tp-link/9/TP-Link TL-WR940N wireless router userRpmWanDynamicIpV6CfgRpm buffer write out-of-bounds vulnerability.md at main · a101e-IoTvul/iotvul

TP-Link TL-WR940N V4 was discovered to contain a buffer overflow via the ipStart parameter at /userRpm/WanDynamicIpV6CfgRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request.

CVE-2023-36359: iotvul/tp-link/8/TP-Link TL-WR940N TL-WR841N TL-WR941ND wireless router userRpmQoSRuleListRpm buffer read out-of-bounds vulnerability.md at main · a101e-IoTvul/iotvul

TP-Link TL-WR940N V4, TL-WR841N V8/V10, TL-WR940N V2/V3 and TL-WR941ND V5/V6 were discovered to contain a buffer overflow in the component /userRpm/QoSRuleListRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request.

CVE-2023-36358: iotvul/tp-link/6/TL-WR940N_WR941ND_WR743ND_WR841N_userRpm_AccessCtrlAccessTargetsRpm.md at main · a101e-IoTvul/iotvul

TP-Link TL-WR940N V2/V3/V4, TL-WR941ND V5/V6, TL-WR743ND V1 and TL-WR841N V8 were discovered to contain a buffer overflow in the component /userRpm/AccessCtrlAccessTargetsRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request.

CVE-2023-36356: iotvul/tp-link/4/TL-WR941ND_TL-WR940N_TL-WR740N_userRpm_VirtualServerRpm.md at main · a101e-IoTvul/iotvul

TP-Link TL-WR940N V2/V4/V6, TL-WR841N V8, TL-WR941ND V5, and TL-WR740N V1/V2 were discovered to contain a buffer read out-of-bounds via the component /userRpm/VirtualServerRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request.

CVE-2023-36354: iotvul/tp-link/7/TL-WR940N_TL-WR841N_TL-WR740N_TL-WR941ND_userRpm_AccessCtrlTimeSchedRpm.md at main · a101e-IoTvul/iotvul

TP-Link TL-WR940N V4, TL-WR841N V8/V10, TL-WR740N V1/V2, TL-WR940N V2/V3, and TL-WR941ND V5/V6 were discovered to contain a buffer overflow in the component /userRpm/AccessCtrlTimeSchedRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request.

CVE-2023-36357: iotvul/tp-link/5/TL-WR941ND_TL-WR940N_TL-WR841N_userRpm_LocalManageControlRpm.md at main · a101e-IoTvul/iotvul

An issue in the /userRpm/LocalManageControlRpm component of TP-Link TL-WR940N V2/V4/V6, TL-WR841N V8/V10, and TL-WR941ND V5 allows attackers to cause a Denial of Service (DoS) via a crafted GET request.

SMS Phishers Harvested Phone Numbers, Shipment Data from UPS Tracking Tool

The United Parcel Service (UPS) says fraudsters have been harvesting phone numbers and other information from its online shipment tracking tool in Canada to send highly targeted SMS phishing (a.k.a. "smishing") messages that spoofed UPS and other top brands. The missives addressed recipients by name, included details about recent orders, and warned that those orders wouldn't be shipped unless the customer paid an added delivery fee.