17 matches found
CVE-2026-31058
UTT Aggressive HiPER 1200GW v2.5.3-170306 was discovered to contain a buffer overflow in the timeRangeName parameter of the formConfigDnsFilterGlobal function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input...
CVE-2026-31058
CVE-2026-31058 affects UTT Aggressive HiPER 1200GW (v2.5.3-170306). The root cause is a buffer overflow in the timeRangeName parameter of the formConfigDnsFilterGlobal function, enabling denial-of-service via crafted input. Public details consistently describe the same vulnerability across multip...
CVE-2025-31058
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Revolution Video Player revolutionvideoplayer allows Reflected XSS. This issue affects Revolution Video Player: from n/a through <= 2.9.2...
CVE-2025-31058 WordPress Revolution Video Player plugin <= 2.9.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Revolution Video Player revolutionvideoplayer allows Reflected XSS. This issue affects Revolution Video Player: from n/a through <= 2.9.2...
CVE-2025-31058 WordPress Revolution Video Player plugin <= 2.9.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Revolution Video Player allows Reflected XSS. This issue affects Revolution Video Player: from n/a through 2.9.2...
WordPress Revolution Video Player plugin <= 2.9.2 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting (XSS) vulnerability discovered by Tran Nguyen Bao Khanh (VCI - VNPT) in WordPress Plugin Revolution Video Player versions <= 2.9.2...
CVE-2023-31058
Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers would bypass the 'autoDeserialize' option filtering by adding blanks. Users are advised to upgrade to Apache InLong's 1.7.0 or...
CVE-2023-31058
creationtimestamp | type | source
---|---|---
2023-05-22 16:24:54+00:00 | published-proof-of-concept | https://t.me/cibsecurity/64526...
CVE-2023-31058
Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers would bypass the 'autoDeserialize' option filtering by adding blanks. Users are advised to upgrade to Apache InLong's 1.7.0 or...
CVE-2023-31058
Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers would bypass the 'autoDeserialize' option filtering by adding blanks. Users are advised to upgrade to Apache InLong's 1.7.0 or...
CVE-2023-31058
Summary (CVE-2023-31058): Deserialization of untrusted data in Apache InLong (1.4.0–1.6.0) allows attackers to bypass the autoDeserialize filtering by inserting blanks. This can enable unintended behavior as described; no exploitation details are provided here. Impact: high likelihood of bypass o...
CVE-2023-31058 Apache InLong: JDBC URL bypassing by adding blanks
Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers would bypass the 'autoDeserialize' option filtering by adding blanks. Users are advised to upgrade to Apache InLong's 1.7.0 or...
CVE-2023-31058 Apache InLong: JDBC URL bypassing by adding blanks
Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers would bypass the 'autoDeserialize' option filtering by adding blanks. Users are advised to upgrade to Apache InLong's 1.7.0 or...
CVE-2022-31058
Tuleap SQL injection (CVE-2022-31058) affects Tuleap versions prior to 13.9.99.95. The issue arises from improper input sanitization when constructing SQL against tracker reports, enabling an attacker who can create a new tracker to execute arbitrary SQL queries. Connected sources corroborate imp...
CVE-2022-31058 SQL injection via the field name of a tracker in Tuleap
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In versions prior to 13.9.99.95, Tuleap does not properly sanitize user inputs when constructing the SQL query to retrieve data for the tracker reports. An attacker with the capability to create ...
CVE-2021-31058
...
CVE-2021-31058
CVE-2021-31058 entry is rejected/not used and does not represent an active vulnerability.