21 matches found
Multiple vulnerabilities in ABB Terra AC Wallbox
Overview Terra AC Wallbox provided by ABB contains the following vulnerability. Heap-based buffer overflow CWE-122 - CVE-2025-10504 Classic buffer overflow CWE-120 - CVE-2025-12142 Stack-based buffer overflow CWE-121 - CVE-2025-12143 Ryo Kato of Panasonic reported this vulnerability to IPA...
CVE-2025-10504
Heap-based Buffer Overflow vulnerability in ABB Terra AC wallbox.This issue affects Terra AC wallbox: through 1.8.33...
CVE-2025-10504
creationtimestamp| type| source ---|---|--- 2025-09-29 08:41:10+00:00| seen| https://bsky.app/profile/basefortify.bsky.social/post/3lzxmgd4t7c2j 2026-05-21 05:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-141-05 2026-05-24 20:13:40+00:00| seen|...
CVE-2025-10504
Heap-based Buffer Overflow vulnerability in ABB Terra AC wallbox.This issue affects Terra AC wallbox: through 1.8.33...
CVE-2024-10504
The Contact Form, Survey, Quiz & Popup Form Builder WordPress plugin before 1.7.1 does not sanitise and escape some parameters when outputting them in the page, which could allow unauthenticated users to perform Cross-Site Scripting attacks...
WordPress ARForms Builder plugin < 1.7.1 - Unauthenticated Stored XSS vulnerability
Unauthenticated Stored XSS vulnerability discovered by Malek Althubiany in WordPress Plugin ARForms Form Builder versions 1.7.1...
CVE-2024-10504
The Contact Form, Survey, Quiz & Popup Form Builder WordPress plugin before 1.7.1 does not sanitise and escape some parameters when outputting them in the page, which could allow unauthenticated users to perform Cross-Site Scripting attacks...
CVE-2024-10504 ARForms Builder < 1.7.1 - Unauthenticated Stored XSS
The Contact Form, Survey, Quiz & Popup Form Builder WordPress plugin before 1.7.1 does not sanitise and escape some parameters when outputting them in the page, which could allow unauthenticated users to perform Cross-Site Scripting attacks...
RHEL 6 : openjpeg (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openjpeg: Stack-buffer overflow in the pgxtoimage function CVE-2017-17479 - openjpeg: heap-based buffer...
RHEL 7 : openjpeg (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openjpeg: Stack-buffer overflow in the pgxtoimage function CVE-2017-17479 - openjpeg: heap-based buffer...
SUSE CVE-2016-10504
Heap-based buffer overflow vulnerability in the opjmqcbyteout function in mqc.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service application crash via a crafted bmp file...
CVE-2020-10504
CVE-2020-10504 affects Chadha PHPKB Standard Multi-Language 9, where a CSRF flaw in admin/edit-comments.php enables an attacker to edit a comment by supplying an id via a crafted request. The vulnerability stems from insufficient CSRF protection in the affected endpoint, allowing unauthorized sta...
CVE-2019-10504
Firmware not able to send EXT scan response to host within 1 sec due to resource consumption issue in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MSM8909W, Qualcomm 215, SD 210/SD 212/SD 205, SD...
CVE-2019-10504
Firmware not able to send EXT scan response to host within 1 sec due to resource consumption issue in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MSM8909W, Qualcomm 215, SD 210/SD 212/SD 205, SD...
CVE-2019-10504
CVE-2019-10504 affects Qualcomm Snapdragon firmware components (multiple Snapdragon Auto/Consumer IoT/Industrial IoT devices and related SoCs). Root cause: resource consumption leads to firmware not delivering EXT scan response to host within 1 second, impacting availability. Affected products in...
WordPress Plugin Form Maker 1.12.20 - CSV Injection
WordPress Plugin Form Maker 1.12.20 - CSV Injection Exploit Title: Wordpress Plugin Form Maker version 1.12.20 vulnerable to to Formula Injection CSV Injection Google Dork: N/A Date: 27-04-2018 Exploit Author: Jetty Sairam Software Link: https://wordpress.org/plugins/form-maker/ Affected Version:...
CVE-2018-10504
creationtimestamp| type| source ---|---|--- 2018-04-30 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/44559...
CVE-2018-10504
The CVE-2018-10504 entry concerns the WordPress plugin WebDorado Form Maker by WD, version prior to 1.12.24, which is vulnerable to CSV injection. The root cause is that CSV data exported by the Form Maker form can be crafted to execute commands when opened by a user with sufficient privileges, e...
[SECURITY] [DSA 4013-1] openjpeg2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4013-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 31, 2017 https://www.debian.org/security/faq -...
CVE-2016-10504
Heap-based buffer overflow vulnerability in the opjmqcbyteout function in mqc.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service application crash via a crafted bmp file...