371 matches found
thesystem App 1.0 - (server_name) SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: thesystem 1.0 - 'servername' SQL Injection Author: Sadik Cetin Vendor Homepage: https://github.com/kostasmitroglou/thesystem Software Link: https://github.com/kostasmitroglou/thesystem Tested Version: 1.0 Tested on OS: Windows 1...
CVE-2017-18530
The rating-bws plugin before 0.2 for WordPress has multiple XSS issues...
CVE-2017-18501
The social-login-bws plugin before 0.2 for WordPress has multiple XSS issues...
Rockwell Automation PM3000 M8 w/EtherNetIP,Class 0.2 1404-M8xxx-ENT-02 B
Binary data 753893.prm...
Rockwell Automation PM3000 M8 w/ControlNet, Class 0.2 1404-M8xxx-CNT-02
Binary data 753895.prm...
Rockwell Automation PM3000 M5 w/ControlNet, Class 0.2 1404-M5xxx-CNT-02
Binary data 753887.prm...
OpenJDK: Incorrect skeleton selection in RMI registry server-side dispatch handling (RMI, 8218453)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: RMI. Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
Design/Logic Flaw
There is an invalid memory access in the function GfxIndexedColorSpace::mapColorToBase located in GfxState.cc in Xpdf 4.0.0, as used in pdfalto 0.2. It can be triggered by for example sending a crafted pdf file to the pdftops binary. It allows an attacker to cause Denial of Service Segmentation...
CVE-2019-9878
CVE-2019-9878 affects Xpdf 4.0.0 (as used in pdfalto 0.2). The vulnerability is an invalid memory access in GfxIndexedColorSpace::mapColorToBase() in GfxState.cc, which can be triggered by sending a crafted PDF to the pdftops binary, leading to Denial of Service via a segmentation fault or potent...
CVE-2019-9878
There is an invalid memory access in the function GfxIndexedColorSpace::mapColorToBase located in GfxState.cc in Xpdf 4.0.0, as used in pdfalto 0.2. It can be triggered by for example sending a crafted pdf file to the pdftops binary. It allows an attacker to cause Denial of Service Segmentation...
CVE-2019-9878
There is an invalid memory access in the function GfxIndexedColorSpace::mapColorToBase located in GfxState.cc in Xpdf 4.0.0, as used in pdfalto 0.2. It can be triggered by for example sending a crafted pdf file to the pdftops binary. It allows an attacker to cause Denial of Service Segmentation...
Stack overflow
GattLib 0.2 has a stack-based buffer over-read in gattlibconnect in dbus/gattlib.c because strncpy is misused...
Heap overflow
A issue was found in pdfalto 0.2. There is a heap-based buffer overflow in the TextPage::addAttributsNode function in XmlAltoOutputDev.cc...
CVE-2018-16552
MicroPyramid Django-CRM 0.2 allows CSRF for /users/create/, /users//edit/, and /accounts//delete/ URIs...
many-versioned-wheel (>=0.1.0 <=0.2.0) potentially affected by CVE-2011-1158 via feedparser (=5.0.0)
feedparser PYPI version =5.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on feedparser and may be impacted: - many-versioned-wheel =0.1.0, =0.2.0 Source cves: CVE-2011-1158 Source advisory: OSV:GHSA-4M72-RMM9-2QJR...
Anymail django-anymail Information Disclosure Vulnerability
Anymail django-anymail is a set of multiple transactional e-mail service provider integrated into Django open source e-mail system . A security vulnerability exists in the WEBHOOKAUTHORIZATION setting value in Anymail django-anymail versions 0.2 through 1.3. An attacker can exploit this...
Kallithea < 0.2 CSRF Vulnerability
A vulnerability has been found in Kallithea, allowing attackers to gain unauthorised access to the account of a logged in user. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Memory corruption
A memory leak was found in the way SIPcrack 0.2 handled processing of SIP traffic, because a lines array was mismanaged. A remote attacker could potentially use this flaw to crash long-running sipdump network sniffing sessions...
CVE-2017-11654
An out-of-bounds read and write flaw was found in the way SIPcrack 0.2 processed SIP traffic, because 0x00 termination of a payload array was mishandled. A remote attacker could potentially use this flaw to crash the sipdump process by generating specially crafted SIP traffic...
Cross site scripting
An out-of-bounds read and write flaw was found in the way SIPcrack 0.2 processed SIP traffic, because 0x00 termination of a payload array was mishandled. A remote attacker could potentially use this flaw to crash the sipdump process by generating specially crafted SIP traffic...