17 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-22912
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A global-buffer-overflow was found in SWFTools v0.9.2, in the function countline at swf5compiler.flex:327. It allows an attacker to cause code execution...
CVE-2025-22912
RE11S v1.11 was discovered to contain a command injection vulnerability via the component /goform/formAccept...
CVE-2025-22912
RE11S v1.11 was discovered to contain a command injection vulnerability via the component /goform/formAccept...
CVE-2025-22912
RE11S v1.11 was discovered to contain a command injection vulnerability via the component /goform/formAccept...
CVE-2024-30349
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2024-30349 Foxit PDF Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2024-30349
CVE-2024-30349 describes a remote code execution in Foxit PDF Reader via U3D file parsing. The flaw arises from inadequate validation of user-supplied data during U3D parsing, causing an out-of-bounds write that can execute code in the target process. Exploitation requires user interaction (visit...
CVE-2024-22912
creationtimestamp| type| source ---|---|--- 2024-01-19 19:26:50+00:00| seen| https://t.me/ctinow/170359 2024-01-25 19:16:40+00:00| seen| https://t.me/ctinow/173711...
CVE-2024-22912
SWFTools v0.9.2 is affected by CVE-2024-22912: a global-buffer-overflow in the countline function (swf5compiler.flex:327) can lead to code execution. This is documented across multiple sources (NVD/CVE listings and vendor advisories). The vulnerability stems from improper input length validation ...
CVE-2023-22912
CVE-2023-22912 affects MediaWiki releases prior to 1.35.9, 1.36.x up to 1.38.x before 1.38.5, and 1.39.x before 1.39.1. The CheckUser TokenManager uses AES-CTR with a repeated nonce, enabling an adversary to decrypt data. Impact is confidentiality of tokens, with network-based exposure and no exp...
MediaWiki < 1.35.9, 1.38.0 < 1.38.5, 1.39.0 < 1.39.1 Multiple Vulnerabilities - Windows
MediaWiki is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mediawiki:mediawiki"; ifdescripti...
MediaWiki < 1.35.9, 1.38.0 < 1.38.5, 1.39.0 < 1.39.1 Information Disclosure Vulnerability - Linux
MediaWiki is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
2app (>=1.0.0 <=1.2.8), 2fa-cli (>=1.0.0 <=1.0.4) +4339 more potentially affected by CVE-2022-22912 via plist (>=0.2.1 <=3.0.4)
plist NPM version =0.2.1, =1.0.0, =1.0.0, =0.0.1, =1.0.0, =0.0.1, =1.0.0, =0.0.1-beta.0, =0.0.1, =0.0.12, =0.1.1, =1.0.0, =0.20.0, =0.21.1 - @allroundexperts/rn-swiper =1.0.1 and more Source cves: CVE-2022-22912 Source advisory: OSV:GHSA-4CPG-3VGW-4877...
CVE-2022-22912
Prototype pollution vulnerability via .parse in Plist before v3.0.4 allows attackers to cause a Denial of Service DoS and may lead to remote code execution...
CVE-2022-22912
CVE-2022-22912 concerns plist.js, where a prototype pollution flaw in the .parse() function in Plist before 3.0.4 can trigger a Denial of Service and may enable remote code execution. Multiple connected sources confirm the vulnerability class and impact, describing it as a prototype pollution vec...
CVE-2022-22912
Prototype pollution vulnerability via .parse in Plist before v3.0.4 allows attackers to cause a Denial of Service DoS and may lead to remote code execution...
CVE-2021-22912
The CVE-2021-22912 issue affects Nextcloud iOS app (before 3.4.2). The root cause is that searches for sharees default to querying the lookup server instead of restricting to the local Nextcloud server unless a global search is explicitly chosen, causing information disclosure of sharee searches....