15 matches found
EUVD-2023-36412
Malicious code in bioql PyPI...
CVE-2020-18454
Cross Site Request Forgery (CSRF) vulnerability in bycms v1.3 via admin.php/systems/index/module_id/70/group_id/1.html...
Linux Distros Unpatched Vulnerability : CVE-2018-18454
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CCITTFaxStream::readRow in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as...
CVE-2023-32144
D-Link DAP-1360 webproc COMM_MakeCustomMsg Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this...
CVE-2023-32144
CVE-2023-32144 affects D-Link DAP-1360 devices (webproc /cgi-bin/webproc). The flaw is a stack-based buffer overflow in handling user-supplied data length, enabling remote code execution with root privileges when exploited by network-adjacent attackers. Public disclosures (ZDI-23-536, NVD entry) ...
CVE-2023-32144 D-Link DAP-1360 webproc COMM_MakeCustomMsg Stack-based Buffer Overflow Remote Code Execution Vulnerability
D-Link DAP-1360 webproc COMM_MakeCustomMsg Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this...
openSUSE: Security Advisory for poppler (SUSE-SU-2023:4187-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2023:4362-1)
The remote host is missing an update for the...
CVE-2020-18454
Cross Site Request Forgery (CSRF) vulnerability in bycms v1.3 via admin.php/systems/index/module_id/70/group_id/1.html...
CVE-2020-18454
CVE-2020-18454 affects bycms v1.3. A Cross-Site Request Forgery (CSRF) vulnerability is exposed via admin.php/systems/index/module_id/70/group_id/1.html. The CVSS metrics in the initial data indicate a base score of 6.0 (CVSS2) / 6.8 (CVSS3.1) with Network attack vector and user interaction not r...
CVE-2017-18454
CVE-2017-18454 affects cPanel prior to 62.0.24, where stored XSS is possible in the WHM cPAddons install interface (SEC-262) due to insufficient input validation. Impact is client-side code execution in authenticated context; CVSS–low/medium ranges reflect partial confidentiality/integrity but no...
CVE-2018-18454
CCITTFaxStream::readRow in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm...
CVE-2018-18454
CVE-2018-18454 is a vulnerability in Xpdf/Poppler where CCITTFaxStream::readRow() in Stream.cc (Xpdf 4.00) can crash or exhaust memory via a crafted PDF, enabling a heap-based buffer over-read and denial of service. Connected advisories cite multiple affected builds (Xpdf 4.00, 4.01.01; Poppler 0...
CVE-2018-18454
CCITTFaxStream::readRow in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm...
CVE-2018-18454
CCITTFaxStream::readRow in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm...