Lucene search
K

24 matches found

OSV
OSV
added 2026/06/10 11:56 a.m.7 views

MINI-F8PQ-335Q-8255

Bulletin has no description...

8.7CVSS5.2AI score0.01041EPSS
Exploits1
Circl
Circl
added 2026/05/11 3:6 a.m.11 views

CVE-2026-8255

creationtimestamp| type| source ---|---|--- 2026-05-11 03:06:20+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlkc5xzyid2k...

4.8CVSS5.8AI score0.00202EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/11 12:0 a.m.39 views

CVE-2026-8255 Devs Palace ERP Online add_new_customer cross site scripting

A weakness has been identified in Devs Palace ERP Online up to 4.0.0. This affects an unknown part of the file /inventory/addnewcustomer. This manipulation causes cross site scripting. The attack can be initiated remotely. The exploit has been made available to the public and could be used for...

4.8CVSS0.00202EPSS
Exploits0References4
OSV
OSV
added 2025/08/14 6:52 p.m.3 views

MAL-2025-8255 Malicious code in @landmineaknpm2/facere-voluptatum-a (npm)

The package @landmineaknpm2/facere-voluptatum-a was found to contain malicious code...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/07/30 4:28 a.m.17 views

CVE-2025-8255

A vulnerability was found in code-projects Exam Form Submission 1.0. It has been rated as critical. This issue affects some unknown processing of the file /register.php. The manipulation of the argument image leads to unrestricted upload. The attack may be initiated remotely. The exploit has been...

9.8CVSS7.2AI score0.00532EPSS
Exploits1References1
NVD
NVD
added 2025/07/28 4:15 a.m.6 views

CVE-2025-8255

A vulnerability was found in code-projects Exam Form Submission 1.0. It has been rated as critical. This issue affects some unknown processing of the file /register.php. The manipulation of the argument image leads to unrestricted upload. The attack may be initiated remotely. The exploit has been...

9.8CVSS0.00532EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/07/28 3:32 a.m.16 views

CVE-2025-8255 code-projects Exam Form Submission register.php unrestricted upload

A vulnerability was found in code-projects Exam Form Submission 1.0. It has been rated as critical. This issue affects some unknown processing of the file /register.php. The manipulation of the argument image leads to unrestricted upload. The attack may be initiated remotely. The exploit has been...

7.5CVSS0.00532EPSS
Exploits1References5
Circl
Circl
added 2024/08/29 6:44 p.m.5 views

CVE-2024-8255

creationtimestamp| type| source ---|---|--- 2024-08-29 18:44:08+00:00| seen| https://t.me/cvedetector/4421...

9.8CVSS7.5AI score0.00828EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/29 3:18 p.m.15 views

CVE-2024-8255 Path Traversal in Ocean Data Systems Dream Report

Delta Electronics DTN Soft version 2.0.1 and prior are vulnerable to an attacker achieving remote code execution through a deserialization of untrusted data vulnerability...

8.4CVSS7.9AI score0.00828EPSS
Exploits0References1
CVE
CVE
added 2024/08/29 3:18 p.m.45 views

CVE-2024-8255

Delta Electronics DTN Soft (DTN Soft) versions 2.0.1 and earlier are affected by a deserialization of untrusted data vulnerability that can lead to remote code execution. The issue is documented in multiple sources: ZDI describes BIN file parsing deserialization exploitable with user interaction,...

9.8CVSS9.9AI score0.00828EPSS
Exploits0References1Affected Software1
ICS
ICS
added 2024/08/29 6:0 a.m.34 views

Delta Electronics DTN Soft

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION : Low attack complexity Vendor : Delta Electronics Equipment : DTN Soft Vulnerability : Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to achieve remote code execution...

9.8CVSS9.8AI score0.00828EPSS
Exploits0References10
OSV
OSV
added 2024/04/17 11:15 a.m.4 views

DEBIAN-CVE-2024-26867

In the Linux kernel, the following vulnerability has been resolved: comedi: comedi8255: Correct error in subdevice initialization The refactoring done in commit 5c57b1ccecc7 "comedi: comedi8255: Rework subdevice initialization functions" to the initialization of the io field of struct...

5.5CVSS4.9AI score0.00193EPSS
Exploits0References1
CVE
CVE
added 2019/12/19 7:38 p.m.784 views

CVE-2019-8255

CVE-2019-8255 affects Adobe Brackets up to version 1.14. It is a command-injection vulnerability that could allow arbitrary code execution on successful exploitation. CVSSv3.1 base score 9.8 (CRITICAL). The supplied documents do not specify a patched version or remediation steps.

10CVSS9.7AI score0.06583EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2019/12/12 12:0 a.m.18 views

Adobe Brackets Command Injection Vulnerability (APSB19-57) - Windows

Adobe Brackets is prone to a command injection vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:brackets"; if...

10CVSS9.4AI score0.06583EPSS
Exploits0References2
CVE
CVE
added 2017/08/18 6:0 p.m.61 views

CVE-2017-8255

CVE-2017-8255 affects Qualcomm bootloader components in Android CAF builds that use the Linux kernel. The issue is described as an integer overflow in the bootloader, leading to elevation of privilege (EoP) within the kernel context. Public sources in the provided documents identify the vulnerabi...

9.3CVSS7.4AI score0.00483EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/05/11 2:1 p.m.25 views

CVE-2016-8255

CVE-2016-8255 is rejected and not part of an active vulnerability entry.

6.9AI score
Exploits0
Cvelist
Cvelist
added 2017/05/11 2:1 p.m.11 views

CVE-2016-8255

...

Exploits0
CVE
CVE
added 2017/04/10 3:0 a.m.66 views

CVE-2015-8255

CVE-2015-8255 describes a Cross-Site Request Forgery vulnerability in AXIS Communications devices with a Web Interface. The embedded web app does not verify that a request is intentionally submitted by the user, enabling unauthorized state-changing actions. Documented impact includes CSRF-enabled...

8.8CVSS8.7AI score0.02171EPSS
Exploits5References1Affected Software1
Cvelist
Cvelist
added 2017/04/10 3:0 a.m.18 views

CVE-2015-8255

AXIS Communications products allow CSRF, as demonstrated by admin/pwdgrp.cgi, vaconfig.cgi, and admin/localdel.cgi...

8.8AI score0.02171EPSS
Exploits5References1
Exploit DB
Exploit DB
added 2017/03/17 12:0 a.m.62 views

AXIS (Multiple Products) - Cross-Site Request Forgery

0RWELLL4BS security advisory olsa-CVE-2015-8255 PGP: 79A6CCC0 @orwelllabs Advisory Information ==================== - Title: Cross-Site Request Forgery - Vendor: AXIS Communications - Research and Advisory: Orwelllabs - Class: Session Management control CWE-352 - CVE Name: CVE-2015-8255 - Affecte...

8.8CVSS8.8AI score0.02171EPSS
Exploits5
Rows per page
Query Builder