10 matches found
CVE-2025-15150 PX4 PX4-Autopilot mavlink_log_handler.cpp log_entry_from_id stack-based overflow
A vulnerability was found in PX4 PX4-Autopilot up to 1.16.0. Affected by this issue is the function MavlinkLogHandler::statelisting/MavlinkLogHandler::logentryfromid of the file src/modules/mavlink/mavlinkloghandler.cpp. The manipulation results in stack-based buffer overflow. The attack is only...
CVE-2019-15150
In the OAuth2 Client extension before 0.4 for MediaWiki, a CSRF vulnerability exists due to the OAuth2 state parameter not being checked in the callback function...
Important: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Paginator Elixir Remote Code Execution (CVE-2020-15150)
A remote code execution vulnerability exists in Paginator Elixir . Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2017-15150
CVE-2017-15150 is rejected/not used and does not represent an active vulnerability entry.
CVE-2017-15150
...
CVE-2020-15150
CVE-2020-15150 affects the Paginator Elixir/Hex package. The vulnerability allows Remote Code Execution via input parameters to the paginate() function, potentially impacting all users before version 1.0.0. A fix is available in version 1.0.0, which requires Elixir >= 1.5. The connected docume...
CVE-2019-15150
CVE-2019-15150 affects the MediaWiki OAuth2 Client extension prior to version 0.4. The vulnerability is a CSRF issue caused by the OAuth2 state parameter not being validated in the callback function. As described in the connected sources, this can allow an attacker to perform actions on behalf of...
CVE-2018-15150
SQL injection vulnerability in interface/deidentificationforms/deidentificationscreen2.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary SQL commands via the 'temporaryfilesdir' variable in interface/super/editglobals.php...
CVE-2018-15150
CVE-2018-15150 is a SQL injection vulnerability in OpenEMR prior to 5.0.1.4. The flaw resides in interface/de_identification_forms/de_identification_screen2.php, exploitable via the temporary_files_dir parameter in interface/super/edit_globals.php. A remote attacker with prior authentication coul...