80 matches found
MINI-R843-23XQ-2245
Bulletin has no description...
CVE-2018-2245
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none...
CVE-2026-2245
A vulnerability was identified in CCExtractor up to 183. This affects the function parsePAT/parsePMT in the library src/libccx/tstables.c of the component MPEG-TS File Parser. Such manipulation leads to out-of-bounds read. The attack can only be performed from a local environment. The exploit is...
CVE-2026-2245
CCExtractor up to v183 contains a vulnerability in the MPEG-TS File Parser (src/lib_ccx/ts_tables.c: parse_PAT/parse_PMT) that can trigger an out-of-bounds read. This is a local (AV:L) issue with low confidentiality/integrity impact and partial availability impact, as per CVSS metrics; exploitati...
CVE-2025-2245
A server-side request forgery SSRF vulnerability exists in the Bitdefender GravityZone Update Server when operating in Relay Mode. The HTTP proxy component on port 7074 uses a domain allowlist to restrict outbound requests, but fails to properly sanitize hostnames containing null-byte %00...
CVE-2025-2245 Server Side Request Forgery in GravityZone Update Server Using Null Bytes (VA-12646)
A server-side request forgery SSRF vulnerability exists in the Bitdefender GravityZone Update Server when operating in Relay Mode. The HTTP proxy component on port 7074 uses a domain allowlist to restrict outbound requests, but fails to properly sanitize hostnames containing null-byte %00...
CVE-2025-2245 Server Side Request Forgery in GravityZone Update Server Using Null Bytes (VA-12646)
A server-side request forgery SSRF vulnerability exists in the Bitdefender GravityZone Update Server when operating in Relay Mode. The HTTP proxy component on port 7074 uses a domain allowlist to restrict outbound requests, but fails to properly sanitize hostnames containing null-byte %00...
Oracle Linux 9 : buildah (ELSA-2024-2245)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2245 advisory. - Rebuild for CVEs: CVE-2023-39318 CVE-2023-39319 CVE-2023-39321 CVE-2023-39322 - rebuild for following CVEs: CVE-2023-25173 CVE-2022-41724...
RHEL 9 : buildah (RHSA-2024:2245)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2245 advisory. The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a...
RHEL 6 / 7 : rh-ror50-rubygem-sprockets (RHSA-2018:2245)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2245 advisory. Sprockets is a Ruby library for compiling and serving web assets. It features declarative dependency management for JavaScript and CSS assets, as...
PT-2024-2245 · Microsoft · Windows Kernel +1
Name of the Vulnerable Software and Affected Versions: Windows Kernel affected versions not specified Description: The issue is related to insufficient protection of internal data in the Windows operating system kernel. It allows attackers to obtain sensitive information and potentially affect th...
CVE-2024-2245
creationtimestamp| type| source ---|---|--- 2024-03-07 14:26:33+00:00| seen| https://t.me/ctinow/202423 2024-03-07 14:26:39+00:00| seen| https://t.me/ctinow/202426...
CVE-2024-2245
Cross-Site Scripting vulnerability in moziloCMS version 2.0. By sending a POST request to the '/install.php' endpoint, a JavaScript payload could be executed in the 'username' parameter...
CVE-2024-2245 Cross-Site Scripting vulnerability in moziloCMS
Cross-Site Scripting vulnerability in moziloCMS version 2.0. By sending a POST request to the '/install.php' endpoint, a JavaScript payload could be executed in the 'username' parameter...
CVE-2024-2245
moziloCMS 2.0 is affected by CVE-2024-2245: a Cross-Site Scripting flaw allows a JavaScript payload to be executed by sending a POST to /install.php, targeting the username parameter. This is supported by multiple connected sources describing the same vulnerability; exploitation status and fixes ...
CVE-2024-2245 Cross-Site Scripting vulnerability in moziloCMS
Cross-Site Scripting vulnerability in moziloCMS version 2.0. By sending a POST request to the '/install.php' endpoint, a JavaScript payload could be executed in the 'username' parameter...
Amazon Linux 2 : gcc (ALAS-2023-2245)
The version of gcc installed on the remote host is prior to 7.3.1-17. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2245 advisory. 2023-09-13: The severity of this advisory was corrected from low to medium. An issue was found in a defense in depth feature of the GC...
CVE-2023-2245
creationtimestamp| type| source ---|---|--- 2023-04-22 20:32:48+00:00| seen| https://t.me/cibsecurity/62664 2025-02-05 10:00:06+00:00| published-proof-of-concept| Telegram/tROXu-VoDvIGOcLcpszl-EBZ8Ot5WUMl6WIZHqWkyLe8WA0 2025-02-06 02:41:38+00:00| seen|...
CVE-2023-2245
CVE-2023-2245 - hansunCMS 1.4.3 unrestricted upload . Affected component: the endpoint /ueditor/net/controller.ashx?action=catchimage in hansunCMS 1.4.3. Root cause described as manipulation allowing unrestricted upload, enabling remote exploitation. Sources indicate the vulnerability is critical...
CVE-2023-2245 hansunCMS unrestricted upload
A vulnerability was found in hansunCMS 1.4.3. It has been declared as critical. This vulnerability affects unknown code of the file /ueditor/net/controller.ashx?action=catchimage. The manipulation leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed t...