15 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-10491
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been identified in the Express response.links function, allowing for arbitrary resource injection in the Link header when unsanitized data i...
CVE-2020-10491
CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a department via a crafted request...
CVE-2025-10491
creationtimestamp| type| source ---|---|--- 2025-09-15 16:38:46+00:00| seen| https://gist.github.com/Darkcrai86/6c50919372ca0896d9498550f196a40d...
CVE-2019-10491
ADSP can be compromised since its a general-purpose CPU processing untrusted data in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and...
CVE-2024-10491
A flaw was found in the Express Node.js framework. In certain versions, an attacker may be able to trigger an arbitrary resource injection attack via the link header when unsanitized data is used...
CVE-2024-10491
creationtimestamp| type| source ---|---|--- 2024-10-29 18:57:47+00:00| seen| https://t.me/cvedetector/9352...
CVE-2024-10491
A vulnerability has been identified in the Express response.links function, allowing for arbitrary resource injection in the Link header when unsanitized data is used. The issue arises from improper sanitization in Link header values, which can allow a combination of characters like ,, ;, and to...
CVE-2024-10491 Preload arbitrary resources by injecting additional `Link` headers
A vulnerability has been identified in the Express response.links function, allowing for arbitrary resource injection in the Link header when unsanitized data is used. The issue arises from improper sanitization in Link header values, which can allow a combination of characters like ,, ;, and to...
CVE-2024-10491
A vulnerability has been identified in the Express response.links function, allowing for arbitrary resource injection in the Link header when unsanitized data is used. The issue arises from improper sanitization in Link header values, which can allow a combination of characters like ,, ;, and to...
CVE-2024-10491 Preload arbitrary resources by injecting additional `Link` headers
A vulnerability has been identified in the Express response.links function, allowing for arbitrary resource injection in the Link header when unsanitized data is used. The issue arises from improper sanitization in Link header values, which can allow a combination of characters like ,, ;, and to...
CVE-2020-10491
The issue is a CSRF vulnerability in Chadha PHPKB Standard Multi-Language version 9, specifically affecting the endpoint admin/manage-departments.php. A crafted request can cause an attacker to add a department without proper authorization. The root cause is a CSRF weakness that allows unauthoriz...
CVE-2019-10491
ADSP can be compromised since its a general-purpose CPU processing untrusted data in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and...
CVE-2019-10491
CVE-2019-10491 affects Qualcomm ADSP (Audio DSP) across a broad set of Snapdragon platforms (e.g., IPQ4019, IPQ8064, IPQ8074, MDM9150/9206/9607/9640/9650, MSM8909W/8996AU, QCS405/605, SD-series like SD 210–435/439, SD 450, 615/16/625/632/636/665/675, 712/710/670, 730, 820/820A, 835, 845/850, 855,...
CVE-2018-10491
Foxit Reader 9.0.0.29935 is affected by CVE-2018-10491 due to an out-of-bounds write in the parsing of U3D Bone Weight Modifier structures, enabling remote code execution. Exploitation requires user interaction (visiting a malicious page or opening a malicious file). The vulnerability context is ...
CVE-2016-10491
CVE-2016-10491 is an Android vulnerability affecting devices with Qualcomm Snapdragon Mobile and related SoCs. The issue arises from an integer overflow that can overflow a buffer in a QuRT API function, potentially enabling further impact on affected devices. Public references describe impact ac...