23 matches found
CVE-2020-10854
An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. Kernel stack addresses are leaked to userspace. The Samsung ID is SVE-2019-16161 January 2020...
RockyLinux 10 : kernel (RLSA-2025:10854)
The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:10854 advisory. kernel: exfat: fix random stack corruption after getblock CVE-2025-22036 Tenable has extracted the preceding description block directly from the RockyLinux...
AlmaLinux 10 : kernel (ALSA-2025:10854)
The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:10854 advisory. kernel: exfat: fix random stack corruption after getblock CVE-2025-22036 Tenable has extracted the preceding description block directly from the AlmaLinux securi...
CVE-2025-10854
The txtai framework allows the loading of compressed tar files as embedding indices. While the validate function is intended to prevent path traversal vulnerabilities by ensuring safe filenames, it does not account for symbolic links within the tar file. An attacker is able to write a file anywhe...
Oracle Linux 10 : kernel (ELSA-2025-10854)
The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-10854 advisory. 6.12.0-55.21.1.0.10.OL10 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Add new Oracle Linux Driver Signing key 1 certificate Orabug:...
CVE-2024-10854
The Buy one click WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the buyoneclickimportoptions AJAX action in all versions up to, and including, 2.2.9. This makes it possible for authenticated attackers, with Subscriber-leve...
CVE-2019-10854
Computrols CBAS 18.0.0 allows Authenticated Command Injection...
CVE-2024-10854
creationtimestamp| type| source ---|---|--- 2024-11-13 02:37:10+00:00| seen| https://infosec.exchange/users/cve/statuses/113473318409073166...
CVE-2018-10854
creationtimestamp| type| source ---|---|--- 2024-02-26 14:42:07+00:00| seen| https://t.me/ctinow/193374...
CVE-2020-10854
An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. Kernel stack addresses are leaked to userspace. The Samsung ID is SVE-2019-16161 January 2020...
CVE-2020-10854
CVE-2020-10854 concerns information disclosure on Samsung mobile devices running O(8.x), P(9.0), or Q(10.0) software, where kernel stack addresses are leaked to userspace. The issue affects the kernel exposure path and is classified with a high impact in CVSS 3.1 (base score 7.5) and medium in CV...
CVE-2018-10854
cloudforms version, cloudforms 5.8 and cloudforms 5.9, is vulnerable to a cross-site-scripting. A flaw was found in CloudForms's v2v infrastructure mapping delete feature. A stored cross-site scripting due to improper sanitization of user input in Name field...
CVE-2018-10854
cloudforms version, cloudforms 5.8 and cloudforms 5.9, is vulnerable to a cross-site-scripting. A flaw was found in CloudForms's v2v infrastructure mapping delete feature. A stored cross-site scripting due to improper sanitization of user input in Name field...
CVE-2018-10854
CloudForms/CloudForms Management Engine is affected by CVE-2018-10854 due to a stored XSS in the Name field within the v2v infrastructure mapping delete feature. Affected versions are CloudForms 5.8 and 5.9. Root cause: improper sanitization of user input in Name leading to stored XSS. Red Hat ad...
Computrols CBAS-Web 19.0.0 Command Injection
!/usr/bin/env python ''' Computrols CBAS-Web Unauthenticated Remote Command Injection Exploit Affected versions: 19.0.0 and below by Sipke Mellema, 2019 Advisory: https://applied-risk.com/resources/ar-2019-009 Paper: https://applied-risk.com/resources/i-own-your-building-management-system Uses tw...
CBAS-Web 19.0.0 - Remote Code Execution
Exploit Title: CBAS-Web 19.0.0 - Remote Code Execution Google Dork: NA Date: 2019-11-11 Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link: https://www.computrols.com/building-automation-software/ Version: 19.0.0 Tested on: NA CVE : N/A...
Moderate: Red Hat Security Advisory: CloudForms 4.7.9 security, bug fix and enhancement update
An update is now available for CloudForms Management Engine 5.10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
CVE-2019-10854
creationtimestamp| type| source ---|---|--- 2019-05-23 19:48:25+00:00| seen| https://t.me/cvemitreorg/259...
CVE-2019-10854
Computrols CBAS 18.0.0 allows Authenticated Command Injection...
CVE-2019-10854
CVE-2019-10854 affects Computrols CBAS Web (18.0.0/19.0.0). The vulnerability is described as a command-injection flaw in the json.php endpoint that can allow OS command execution, reported as part of a CBAS Web remote command injection chain. Public material (Exploits/Advisories) documents unaut...