CVE-2026-2985

A security flaw has been discovered in Tiandy Video Surveillance System 视频监控平台 7.17.0. This impacts the function downloadImage of the file /com/tiandy/easy7/core/bo/CLSBODownLoad.java. Performing a manipulation of the argument urlPath results in server-side request forgery. The attack is possible...

CVE-2026-2985 Tiandy Video Surveillance System 视频监控平台 CLSBODownLoad.java downloadImage server-side request forgery

A security flaw has been discovered in Tiandy Video Surveillance System 视频监控平台 7.17.0. This impacts the function downloadImage of the file /com/tiandy/easy7/core/bo/CLSBODownLoad.java. Performing a manipulation of the argument urlPath results in server-side request forgery. The attack is possible...

CGA-G8QJ-2985-6M93

Bulletin has no description...

MiracleLinux 8 : firefox-91.5.0-1.el8.ML.1 (AXSA:2022-2985:03)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-2985:03 advisory. Mozilla: Iframe sandbox bypass with XSLT CVE-2021-4140 Mozilla: Race condition when playing audio files CVE-2022-22737 Mozilla: Heap-buffer-overflow...

EUVD-2026-2985

Police Statistics Database System developed by Gotac has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attacker to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...

CVE-2019-2985

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Fluid Core. Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...

Linux Distros Unpatched Vulnerability : CVE-2023-2985

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use after free flaw was found in hfsplusputsuper in fs/hfsplus/super.c in the Linux Kernel. This flaw could allow a local user to cause a denial of service...

CVE-2012-2985

Cross-site scripting XSS vulnerability in InsertDocument.aspx in CuteSoft Cute Editor 6.4 allows remote authenticated users to inject arbitrary web script or HTML via the UploadID parameter...

CVE-2025-2985

A vulnerability was found in code-projects Payroll Management System 1.0. It has been classified as critical. This affects an unknown part of the file updateaccount.php. The manipulation of the argument deduction leads to sql injection. It is possible to initiate the attack remotely. The exploit...

CVE-2025-2985 code-projects Payroll Management System update_account.php sql injection

A vulnerability was found in code-projects Payroll Management System 1.0. It has been classified as critical. This affects an unknown part of the file updateaccount.php. The manipulation of the argument deduction leads to sql injection. It is possible to initiate the attack remotely. The exploit...

CVE-2025-2985

The CVE-2025-2985 entry concerns code-projects Payroll Management System 1.0. The vulnerability affects the update_account.php logic, where manipulating the deduction parameter enables SQL injection. Exploitation is remote and can result in high-impact outcomes (confidentiality, integrity, and av...

Linux Distros Unpatched Vulnerability : CVE-2017-2985

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in the ActionScript 3 BitmapData class. Successful...

SUSE: Security Advisory (SUSE-SU-2023:3391-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Rocky Linux 8 : python39:3.9 and python39-devel:3.9 (RLSA-2024:2985)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2985 advisory. pypa-setuptools: Regular Expression Denial of Service ReDoS in packageindex.py CVE-2022-40897 python-cryptography: memory corruption via immutable objec...

Oracle Linux 8 : python39:3.9 / and / python39-devel:3.9 (ELSA-2024-2985)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2985 advisory. - Update to 3.5 to fix CVE-2014-0240 1101863 - Fix CVE-2014-1858, CVE-2014-1859: 1062009, 1062359 - Security fix for CVE-2023-27043 Resolves: RHEL-5561...

RHEL 8 : python39:3.9 and python39-devel:3.9 (RHSA-2024:2985)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2985 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2023:3182-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2023:3392-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2023:3172-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2023:3171-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...