31 matches found
CVE-2012-10064 Omni Secure Files < 0.1.14 Unauthenticated Arbitrary File Upload
Omni Secure Files plugin versions prior to 0.1.14 contain an arbitrary file upload vulnerability in the bundled plupload example endpoint. The /wp-content/plugins/omni-secure-files/plupload/examples/upload.php handler allows unauthenticated uploads without enforcing safe file type restrictions,...
CVE-2025-10064
creationtimestamp | type | source
---|---|---
2025-09-07 03:26:15+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3ly7ql3itka2h...
CVE-2013-10064
A stack-based buffer overflow vulnerability exists in ActFax Server version 5.01. The server's RAW protocol interface fails to safely process user-supplied data in @F506 fax header fields due to insecure usage of strcpy. Remote attackers can exploit this vulnerability by sending specially crafted...
CVE-2013-10064 ActFax 5.01 RAW Server Buffer Overflow
A stack-based buffer overflow vulnerability exists in ActFax Server version 5.01. The server's RAW protocol interface fails to safely process user-supplied data in @F506 fax header fields due to insecure usage of strcpy. Remote attackers can exploit this vulnerability by sending specially crafted...
CVE-2013-10064
ActFax Server 5.01 RAW Server is affected by a stack-based buffer overflow in the @F506 fax header handling caused by insecure use of strcpy. Remote attackers with network access to TCP 4559 and without authentication can potentially execute arbitrary code. Multiple sources corroborate the issue ...
CVE-2015-10064
A vulnerability was found in VictorFerraresi pokemon-database-php. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection. The patch is named dd0e1e6cdf648d6a3deff441f515bcb1d7573d68. It is recommended to apply a patch...
Linux Distros Unpatched Vulnerability : CVE-2016-10064
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified...
CVE-2015-10064
CVE-2015-10064 affects VictorFerraresi’s pokemon-database-php. The vulnerability is a SQL injection in an unknown functionality, described as critical. The patch to fix this issue is named dd0e1e6cdf648d6a3deff441f515bcb1d7573d68. Connected documents confirm the affected software and the remedi...
CVE-2015-10064 VictorFerraresi pokemon-database-php sql injection
A vulnerability was found in VictorFerraresi pokemon-database-php. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection. The patch is named dd0e1e6cdf648d6a3deff441f515bcb1d7573d68. It is recommended to apply a patch...
CVE-2020-10064 Improper Input Frame Validation in ieee802154 Processing
Improper Input Frame Validation in ieee802154 Processing. Zephyr versions >= v1.14.2, >= v2.2.0 contain Stack-based Buffer Overflow (CWE-121), Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-3gvq-h42f-v3c7...
CVE-2020-10064
The CVE-2020-10064 issue affects Zephyr RTOS, specifically the ieee802154 processing path. The root cause is improper input frame validation, leading to stack-based (CWE-121) and heap-based (CWE-122) buffer overflows in Zephyr versions >= v1.14.2 and >= v2.2.0. This vulnerability is documen...
Debian DLA-2318-1 : wpa security update
The following CVEs have been reported against src:wpa. CVE-2019-10064 hostapd before 2.6, in EAP mode, makes calls to the rand and random standard library functions without any preceding srand or srandom call, which results in inappropriate use of deterministic values. This was fixed in conjuncti...
[SECURITY] [DLA 2318-1] wpa security update
Debian LTS Advisory DLA-2318-1 https://www.debian.org/lts/security/ Utkarsh Gupta August 09, 2020 https://wiki.debian.org/LTS ...
Debian: Security Advisory (DLA-2138-1)
The remote host is missing an update for the Debian...
[SECURITY] [DLA 2138-1] wpa security update
Package: wpa
Version: 2.3-1+deb8u10
CVE ID: CVE-2019-10064
Similar to CVE-2016-10743, the host access point daemon, hostapd, in EAP mode used a low quality pseudorandom number generator that leads to insufficient entropy. The problem was resolved by using the os_get_random function which provides...
CVE-2019-10064
hostapd before 2.6, in EAP mode, makes calls to the rand and random standard library functions without any preceding srand or srandom call, which results in inappropriate use of deterministic values. This was fixed in conjunction with CVE-2016-10743...
CVE-2019-10064
creationtimestamp | type | source
---|---|---
2020-02-28 18:33:05+00:00 | seen | https://t.me/cibsecurity/10175...
CVE-2019-10064
CVE-2019-10064 affects hostapd prior to 2.6 in EAP mode, where rand() and random() are invoked without a preceding srand()/srandom(), leading to deterministic values. This behavior is described as an inappropriate use of randomness and is fixed in conjunction with CVE-2016-10743. Public reference...