12 matches found
📄 NetBT e-Fatura 2024 Unquoted Service Path
NetBT e-Fatura 2024 suffers from an unquoted service path vulnerability. Exploit Title: NetBT e-Fatura - Privilege Escalation Author: Seccops Discovery Date: 2025-10-03 Vendor: https://net-bt.com.tr/e-fatura/ Tested Version: 2024 Tested on OS: Microsoft Windows Server 2019 DC Vulnerability Type:...
CVE-2025-14018
creationtimestamp| type| source ---|---|--- 2025-12-22 15:33:09+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3malklvhvyu2y 2026-04-10 14:11:09+00:00| seen| https://bsky.app/profile/exploitdb-bot.bsky.social/post/3mj5iu7qcxz27 2026-04-11 03:00:10+00:00| published-proof-of-concept|...
CVE-2019-14018
Possible out of bound array access as there is no check on carrier index passed in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9607, MDM9625, MDM9635M...
CVE-2021-34837
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2021-34837
CVE-2021-34837 affects Foxit PDF Reader 11.0.0.49893/Foxit PhantomPDF family. The issue is a use of unvalidated object handling in Annotation objects, where the absence of validating an object before operations can allow remote code execution in the current process after a user opens a malicious ...
CVE-2021-34837
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2020-14018
Navigate CMS 2.9 r1433 contains a stored XSS in the user-management interface (View user and Edit user pages) triggered via the User field and the E-Mail field. On the Edit page, XSS is triggered only via the E-Mail field; on the View page it can be triggered by either field. No remediation or pa...
CVE-2019-14018
Possible out of bound array access as there is no check on carrier index passed in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9607, MDM9625, MDM9635M...
CVE-2019-14018
CVE-2019-14018 is a Qualcomm/Snapdragon component issue described as a possible out-of-bounds array access caused by no carrier index check in Snapdragon Auto/Compute/IoT/mobile wearable stacks (multiple Snapdragon/MDM/SC families listed). NVD/Red Hat entries indicate a local attack surface with ...
CVE-2019-14018
Possible out of bound array access as there is no check on carrier index passed in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9607, MDM9625, MDM9635M...
CVE-2017-14018
Affected product : Ethicon Endo-Surgery Generator Gen11 (all versions released before 2017-11-29). Vulnerability : Improper Authentication (CWE-287) where the security mechanism between Gen11 and single-patient use products can be bypassed, allowing unauthorized devices to connect and potentially...