CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

135 matches found

OSV•added 2022/11/14 7:10 p.m.•11 views

GSD-2022-1007158 wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans()

wifi: cfg80211: fix u8 overflow in cfg80211updatenotlistednontrans This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.74 by commit...

7.5AI score

Exploits0

OSV•added 2022/11/14 6:50 p.m.•14 views

GSD-2022-1006931 wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans()

7.5AI score

Exploits0

CNVD•added 2022/11/02 12:0 a.m.•16 views

SQL Injection Vulnerability in UFIDA GRP-U8 Administration and Utilities Internal Control Management Software (New Government Accounting System Special Edition) (CNVD-2022-84009)

Founded in 1988, UFIDA is a leading digital intelligence platform and service provider for enterprises and public organizations in China and around the world. A SQL injection vulnerability exists in UFIDA GRP-U8 Administration and Utilities Internal Control Management Software New Government...

7.5AI score

Exploits0

CNVD•added 2022/06/12 12:0 a.m.•15 views

Logic flaw vulnerability in U8 cloud of UFIDA Network Technology Co.

U8 cloud is a new-generation cloud ERP launched by UFIDA, which mainly focuses on growing and innovative enterprises and provides enterprise-level cloud ERP total solutions. A logic flaw vulnerability exists in UFIDA U8 cloud, which can be exploited by attackers to obtain sensitive information...

6.7AI score

Exploits0

ATTACKERKB•added 2022/03/25 5:15 p.m.•3 views

CVE-2022-26263

Yonyou u8 v13.0 was discovered to contain a DOM-based cross-site scripting XSS vulnerability via the component /u8sl/WebHelp...

6.1CVSS5.8AI score0.37682EPSS

Exploits1References5

NVD•added 2022/03/25 5:15 p.m.•9 views

CVE-2022-26263

Yonyou u8 v13.0 was discovered to contain a DOM-based cross-site scripting XSS vulnerability via the component /u8sl/WebHelp...

6.1CVSS0.37682EPSS

Exploits1References3

OSV•added 2022/03/25 5:15 p.m.•4 views

CVE-2022-26263

Yonyou u8 v13.0 was discovered to contain a DOM-based cross-site scripting XSS vulnerability via the component /u8sl/WebHelp...

6.1CVSS6.3AI score

Exploits0References3

Prion•added 2022/03/25 5:15 p.m.•19 views

Cross site scripting

Yonyou u8 v13.0 was discovered to contain a DOM-based cross-site scripting XSS vulnerability via the component /u8sl/WebHelp...

4.3CVSS6AI score0.37682EPSS

Exploits1References3Affected Software1

CVE•added 2022/03/25 4:45 p.m.•124 views

CVE-2022-26263

CVE-2022-26263 — Yonyou U8 13.0 suffers a DOM-based cross-site scripting (XSS) vulnerability in the component /u8sl/WebHelp. The nuclei template confirms an attack where an attacker can inject arbitrary script in a victim’s browser context, potentially stealing cookie-based authentication credent...

6.1CVSS6AI score0.37682EPSS

Exploits1References3Affected Software1

Cvelist•added 2022/03/25 4:45 p.m.•17 views

CVE-2022-26263

Yonyou u8 v13.0 was discovered to contain a DOM-based cross-site scripting XSS vulnerability via the component /u8sl/WebHelp...

6.2AI score0.37682EPSS

Exploits1References3

EUVD•added 2022/03/25 4:45 p.m.•5 views

EUVD-2022-30825

Yonyou u8 v13.0 was discovered to contain a DOM-based cross-site scripting XSS vulnerability via the component /u8sl/WebHelp...

6.1CVSS6AI score0.37682EPSS

Exploits1References3

Github Security Blog•added 2021/08/25 8:53 p.m.•21 views

Arbitrary return types in xcb

The function xcb::xproto::GetPropertyReply::value returns a slice of type T where T is an unconstrained type parameter. The raw bytes received from the X11 server are interpreted as the requested type. The users of the xcb crate are advised to only call this function with the intended types. Thes...

9.8CVSS8.7AI score0.01728EPSS

Exploits1References5Affected Software1

OSV•added 2021/08/25 8:53 p.m.•13 views

GHSA-2XPG-3HX4-FM9R Out of bounds read in xcb

An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because there is an out-of-bounds read in xcb::xproto::changeproperty, as demonstrated by a format=32 T=u8 situation where out-of-bounds bytes are sent to an X server...

9.8CVSS8.9AI score0.01754EPSS

Exploits4References4

CNVD•added 2021/08/10 12:0 a.m.•13 views

Mozilla Rust has an unspecified vulnerability (CNVD-2021-61405)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. a security vulnerability exists in the anymap crate of Mozilla Rust version 0.12.1, which can be exploited by attackers to compromise soundness by converting u8 to u64...

9.8CVSS4.2AI score0.01441EPSS

Exploits1References1

NVD•added 2021/08/08 6:15 a.m.•8 views

CVE-2021-38187

An issue was discovered in the anymap crate through 0.12.1 for Rust. It violates soundness via conversion of a u8 to a u64...

9.8CVSS0.01441EPSS

Exploits1References2

OSV•added 2021/08/08 6:15 a.m.•16 views

CVE-2021-38187

An issue was discovered in the anymap crate through 0.12.1 for Rust. It violates soundness via conversion of a u8 to a u64...

9.8CVSS6.6AI score

Exploits0References2