CVE-2021-22547

In IoT Devices SDK, there is an implementation of calloc that doesn't have a length check. An attacker could pass in memory objects larger than the buffer and wrap around to have a smaller buffer than required, allowing the attacker access to the other parts of the heap. We recommend upgrading th...

CVE-2022-22547

Simple Diagnostics Agent - versions 1.0 up to version 1.57., allows an attacker to access information which would otherwise be restricted via a random port 9000-65535. This allows information gathering which could be used exploit future open-source security exploits...

CVE-2025-22547

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jaykrishnang JK Html To Pdf jk-html-to-pdf allows Stored XSS.This issue affects JK Html To Pdf: from n/a through = 1.0.0...

CVE-2025-22547

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jaykrishnang JK Html To Pdf jk-html-to-pdf allows Stored XSS.This issue affects JK Html To Pdf: from n/a through = 1.0.0...

CVE-2025-22547 WordPress JK Html To Pdf plugin <= 1.0.0 - CSRF to Stored XSS vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jay Krishnan G JK Html To Pdf allows Stored XSS.This issue affects JK Html To Pdf: from n/a through 1.0.0...

CVE-2025-22547 WordPress JK Html To Pdf plugin <= 1.0.0 - CSRF to Stored XSS vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jaykrishnang JK Html To Pdf jk-html-to-pdf allows Stored XSS.This issue affects JK Html To Pdf: from n/a through = 1.0.0...

CVE-2025-22547

CVE-2025-22547 is a stored XSS vulnerability in the JK Html To Pdf WordPress plugin (affecting 1.0.0 and earlier) evidenced by Red Hat’s CVE entry. It is described as an Improper Neutralization of Input During Web Page Generation leading to Stored XSS; exploitation details are not provided in the...

CVE-2024-22547

creationtimestamp| type| source ---|---|--- 2024-02-22 20:26:29+00:00| seen| https://t.me/ctinow/191117...

CVE-2024-22547

WayOS IBR-7150 17.06.23 is vulnerable to Cross Site Scripting XSS...

CVE-2024-22547

CVE-2024-22547 affects WayOS IBR-7150 firmware prior to version 17.06.23. The vulnerability is Cross Site Scripting (XSS). Based on the connected sources, the affected product is WayOS IBR-7150 and versions earlier than 17.06.23 are implicated; no explicit root-cause details are provided beyond t...

CVE-2023-37289

It is identified a vulnerability of Unrestricted Upload of File with Dangerous Type in the file uploading function in InfoDoc Document On-line Submission and Approval System, which allows an unauthenticated remote attacker can exploit this vulnerability without logging system to upload and run...

CVE-2023-37289

It is identified a vulnerability of Unrestricted Upload of File with Dangerous Type in the file uploading function in InfoDoc Document On-line Submission and Approval System, which allows an unauthenticated remote attacker can exploit this vulnerability without logging system to upload and run...

Design/Logic Flaw

It is identified a vulnerability of Unrestricted Upload of File with Dangerous Type in the file uploading function in InfoDoc Document On-line Submission and Approval System, which allows an unauthenticated remote attacker can exploit this vulnerability without logging system to upload and run...

CVE-2023-37289

This CVE (CVE-2023-37289) affects InfoDoc Document On-line Submission and Approval System (versions 22547, 22567) and concerns an Unrestricted Upload of File with Dangerous Type in the file uploading function. The root cause is a permissive file upload mechanism that allows an unauthenticated rem...

PT-2023-25886 · Unknown · Infodoc Document On-Line Submission/Approval System

Name of the Vulnerable Software and Affected Versions: InfoDoc Document On-line Submission and Approval System versions 22547, 22567 Description: The issue is related to an Unrestricted Upload of File with Dangerous Type in the file uploading function. This allows an unauthenticated remote attack...

CVE-2022-22547

CVE-2022-22547 concerns the Simple Diagnostics Agent. Affected software: Simple Diagnostics Agent versions 1.0 through 1.57. The issue is an information disclosure vulnerability allowing an attacker to access restricted information via a random port range (9000–65535), enabling information gather...

CVE-2021-22547

CVE-2021-22547 affects the Google Cloud IoT Device SDK for Embedded C (IoT Devices SDK). The root cause is a calloc() implementation without a length check, which can allow an attacker to provide memory objects larger than the buffer and wrap around to create a smaller buffer, enabling access to ...