DiskBoss is prone to a buffer-overflow when handling specially crafted packets. No authentication is required.

Dell EMC Data Protection Advisor contains an Authentication Bypass vulnerability and a OS Command Injection vulnerability, which allows attackers to gain arbitrary code execution on the affected system.

Tp-link EAP Controller does not handle privilege management correctly so a non privileged user can execute privileged actions. This module will try to change the device's settings and enable ssh in order to take control of the managed Access Points.

The specific flaw exists within the parsing of a RSS file. The issue lies in the failure to properly validate the length of user-supplied data prior to copying it to a fixed-length buffer.

Easy File Sharing Web Server is prone to a buffer-overflow when handling a specially crafted POST request.

The specific flaw exists within the processing of FLN files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to execute code under the context of the current process.

The specific flaw exists within the processing of CXP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process.

DiskBoss Enterprise server is prone to a remote buffer-overflow vulnerability.

Disk Pulse server is prone to a buffer-overflow vulnerability when handling a crafted POST request, this can trigger an overflow in a finite-sized internal memory buffer, and install an agent with SYSTEM priviledges.

Drupal is prone to an OS command injection vulnerability that allows attackers to take advantage of an improper validation of user-supplied data in the Form API Ajax Requests.