CVE-2024-8074

Missing Authentication for Critical Function, Missing Authorization vulnerability in Nomysoft Informatics Nomysem allows Collect Data as Provided by Users. This issue affects Nomysem: before 13.10.2024...

CVE-2024-8074

Missing Authentication for Critical Function, Missing Authorization vulnerability in Nomysoft Informatics Nomysem allows Collect Data as Provided by Users. This issue affects Nomysem: before 13.10.2024...

CVE-2024-8074

CVE-2024-8074 affects Nomysoft Informatics’ Nomysem before 13.10.2024. The issue is Missing Authentication for a Critical Function and Missing Authorization due to improper privilege management, enabling collection of user-provided data. The CVSS 4.0 vector indicates network access with low attac...

CVE-2019-8074

ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier have a Path Traversal vulnerability. Successful exploitation could lead to Access Control Bypass in the context of the current user...

CVE-2019-8074

ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier have a Path Traversal vulnerability. Successful exploitation could lead to Access Control Bypass in the context of the current user...

CVE-2019-8074

CVE-2019-8074 is a path traversal vulnerability in Adobe ColdFusion 2018 (update 4 and earlier) and ColdFusion 2016 (update 11 and earlier) that could bypass access controls in the context of the current user. NVD CVSS v3.1 base score 9.8 (CRITICAL) with network attack vector, no user interaction...

CVE-2018-8074

Yii 2.x before 2.0.15 allows remote attackers to inject unintended search conditions via a variant of the CVE-2018-7269 attack in conjunction with the Elasticsearch extension...

CVE-2018-8074

Yii 2.x before 2.0.15 allows remote attackers to inject unintended search conditions via a variant of the CVE-2018-7269 attack in conjunction with the Elasticsearch extension...

CVE-2018-8074

The CVE-2018-8074 entry affects Yii 2.x before 2.0.15. The vulnerability is in framework/db/ActiveRecord.php (findByCondition) where remote attackers can inject unintended SQL conditions via findOne()/findAll(), often in conjunction with the Elasticsearch extension. This is a SQL injection in the...

CVE-2016-8074

...

CVE-2016-8074

CVE-2016-8074 is rejected; this CVE ID is not associated with a vulnerability and is not an active entry.

CVE-2017-8074

TP-Link TL-SG108E (1.0) is affected by CVE-2017-8074. A remote attacker could retrieve credentials from the SEND data log lines where passwords are encoded in hexadecimal, impacting firmware version 1.1.2 Build 20141017 Rel.50749. Documented impact includes unauthorized disclosure of credentials ...

mcgill.ca XSS vulnerability

Vulnerable URL: http://www.mcgill.ca/scsd/sites/all/libraries/mediaelement/build/flashmediaelement.swf?jsinitfunctio%gn=alertOPENBUGBOUNTY Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa...

CVE-2015-6611

mediaserver in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows remote attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via unknown vectors, aka internal bugs 23905951, 23912202, 23953967, 23696300, 23600291, 23756261, 23541506,...

CVE-2015-8074

CVE-2015-8074 affects Android mediaserver prior to 5.1.1 LMY48X. The vulnerability allows remote attackers to obtain sensitive information and bypass an unspecified protection mechanism via unknown vectors, tied to internal bugs 23540907 and 23515142. This entry is distinguished from CVE-2015-661...

CVE-2014-8074

Buffer overflow in the SetLogFile method in Foxit.FoxitPDFSDKProCtrl.5 in Foxit PDF SDK ActiveX 2.3 through 5.0.1820 before 5.0.2.924 allows remote attackers to execute arbitrary code via a long string, related to global variables...

CVE-2014-8074

Foxit PDF SDK ActiveX vulnerability (CVE-2014-8074): The SetLogFile method in Foxit.FoxitPDFSDKProCtrl.5 of Foxit PDF SDK ActiveX versions 2.3–5.0.1820 is susceptible to a buffer overflow when given a long string, related to global variables. This can allow remote code execution. Exploitation inf...