CVE-2025-14968

A security flaw has been discovered in code-projects Simple Stock System 1.0. Affected by this issue is some unknown functionality of the file /market/update.php. The manipulation of the argument email results in sql injection. The attack can be launched remotely. The exploit has been released to...

CVE-2025-14968

A security flaw has been discovered in code-projects Simple Stock System 1.0. Affected by this issue is some unknown functionality of the file /market/update.php. The manipulation of the argument email results in sql injection. The attack can be launched remotely. The exploit has been released to...

CVE-2020-14968

An issue was discovered in the jsrsasign package before 8.0.17 for Node.js. Its RSASSA-PSS RSA-PSS implementation does not detect signature manipulation/modification by prepending '\0' bytes to a signature it accepts these modified signatures as valid. An attacker can abuse this behavior in an...

CVE-2021-34973

Foxit PDF Reader PDF File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must vis...

CVE-2020-14968

creationtimestamp| type| source ---|---|--- 2024-01-19 09:14:46+00:00| seen| https://t.me/arpsyndicate/2914...

Improper Verification of Cryptographic Signature

Overview Versions of jsrsasignprior to 8.0.17 fail to properly verify cryptographic signatures. Its RSASSA-PSS RSA-PSS implementation does not detect signature manipulation/modification by prepending '\0' bytes to a signature it accepts these modified signatures as valid. An attacker can abuse th...

CVE-2020-14968

An issue was discovered in the jsrsasign package before 8.0.17 for Node.js. Its RSASSA-PSS RSA-PSS implementation does not detect signature manipulation/modification by prepending '\0' bytes to a signature it accepts these modified signatures as valid. An attacker can abuse this behavior in an...

CVE-2020-14968

An issue was discovered in the jsrsasign package before 8.0.17 for Node.js. Its RSASSA-PSS RSA-PSS implementation does not detect signature manipulation/modification by prepending '\0' bytes to a signature it accepts these modified signatures as valid. An attacker can abuse this behavior in an...

CVE-2020-14968

The CVE-2020-14968 issue affects the jsrsasign package for Node.js prior to 8.0.17. Its RSASSA-PSS verification accepts signatures prepended with zero bytes, enabling an attacker to create multiple valid signatures where only one should exist and potentially trigger memory corruption. The confirm...

CVE-2020-14968

An issue was discovered in the jsrsasign package before 8.0.17 for Node.js. Its RSASSA-PSS RSA-PSS implementation does not detect signature manipulation/modification by prepending '\0' bytes to a signature it accepts these modified signatures as valid. An attacker can abuse this behavior in an...

Stack overflow

An issue was discovered on Samsung mobile devices with P9.0 Exynos chipsets software. The Wi-Fi kernel drivers have a stack overflow. The Samsung IDs are SVE-2019-14965, SVE-2019-14966, SVE-2019-14968, SVE-2019-14969, SVE-2019-14970, SVE-2019-14980, SVE-2019-14981, SVE-2019-14982, SVE-2019-14983,...

CVE-2019-20541

The CVE-2019-20541 entry concerns Samsung mobile devices running Android P (9.0) on Exynos chipsets, where the Wi-Fi kernel drivers are affected by a stack overflow. Affected Samsung IDs include SVE-2019-14965, 14966, 14968–14970, 14980–14984, 15122–15123 (November 2019). The issue originates in ...

CVE-2019-14968

An issue was discovered in imcat 4.9. There is SQL Injection via the index.php order parameter in a mod=faqs action...

CVE-2019-14968

CVE-2019-14968 affects imcat 4.9, with an SQL Injection vulnerability in the mod=faqs action via the index.php order parameter. Evidence from multiple sources (NVD, RH, CNVD, OSV) indicates a critical risk (CVSSv3 base 9.8, CRITICAL; CVSSv2 base 7.5, HIGH). The connected documents do not specify ...

CVE-2018-14968

An issue was discovered in EMLsoft 5.4.5. upload\eml\action\action.address.php has SQL Injection via the numPerPage parameter...

CVE-2018-14968

EMLsoft 5.4.5 has an SQL injection in upload\eml\action\action.address.php via the numPerPage parameter. A remote attacker could view, add, modify or delete data in the back-end database through this vector. Root cause: improper handling of the numPerPage parameter leading to SQL injection. No re...

IKARUS anti.virus Multiple Arbitrary/Out of Bounds Write Vulnerabilities

IKARUS anti.virus is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2017-14968

In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x830000c4, a related issue to CVE-2017-17113...

CVE-2017-14968

The CVE-2017-14968 entry concerns IKARUS anti.virus, specifically the ntguard.sys driver. The vulnerability is an Arbitrary Write caused by not validating input values for IOCTL 0x830000c4, with a related issue to CVE-2017-17113. Affected product versions include IKARUS anti.virus prior to 2.16.1...

CVE-2017-14968

In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x830000c4, a related issue to CVE-2017-17113...