23 matches found
CVE-2025-8259 Vaelsys VaelsysV4 Web interface vgrid_server.php execute_DataObjectProc os command injection
A vulnerability was identified in Vaelsys VaelsysV4 up to 5.1.0/5.4.0. Affected by this issue is the function execute_DataObjectProc of the file /grid/vgrid_server.php of the component Web interface. Manipulation of the argument xajaxargs leads to OS command injection. The attack can be execut...
CVE-2025-8259
CVE-2025-8259 affects Vaelsys 4.1.0. The vulnerability is an OS command injection in the function execute_DataObjectProc of the file /grid/vgrid_server.php, caused by manipulation of the xajaxargs argument. It can be triggered remotely, and public exploits have been disclosed; vendor responses ar...
CVE-2024-8259
creationtimestamp | type | source
---|---|---
2024-12-09 16:22:12+00:00 | seen | https://t.me/cvedetector/12391
2025-04-03 19:35:31+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/10323...
CVE-2024-8259
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Eryaz Information Technologies NatraCar B2B Dealer Management Program allows SQL Injection. This issue affects NatraCar B2B Dealer Management Program: through 09.12.2024. NOTE: The vendor was...
CVE-2024-8259 Unauthenticated SQLi in Eryaz IT's NatraCar B2B Dealer Management Program
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Eryaz Information Technologies NatraCar B2B Dealer Management Program allows SQL Injection. This issue affects NatraCar B2B Dealer Management Program: through 09.12.2024. NOTE: The vendor was...
CVE-2024-8259
The CVE-2024-8259 entry concerns an SQL Injection in Eryaz Information Technologies’ NatraCar B2B Dealer Management Program. The issue stems from improper neutralization of special elements in SQL commands, enabling unauthenticated SQL injection prior to an end-of-life date (through 09.12.2024). ...
GHSA-7JMW-8259-Q9JX vulnerabilities
Vulnerabilities for packages: traefik...
Fedora: Security Advisory (FEDORA-2024-8c48a81cb9)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ...
Fedora: Security Advisory for yyjson (FEDORA-2024-4691d60717)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ...
[SECURITY] Fedora 40 Update: yyjson-0.9.0-1.fc40
A high performance JSON library written in ANSI C. Features - Fast: can read or write gigabytes per second JSON data on modern CPUs. - Portable: complies with ANSI C (C89) for cross-platform compatibility. - Strict: complies with RFC 8259 JSON standard, ensuring strict number format and UTF-8...
[SECURITY] Fedora 38 Update: yyjson-0.9.0-1.fc38
A high performance JSON library written in ANSI C. Features - Fast: can read or write gigabytes per second JSON data on modern CPUs. - Portable: complies with ANSI C (C89) for cross-platform compatibility. - Strict: complies with RFC 8259 JSON standard, ensuring strict number format and UTF-8...
NIST Cybersecurity Framework: A Quick Guide for SaaS Security Compliance
When I want to know the most recently published best practices in cyber security, I visit The National Institute of Standards and Technology (NIST). From the latest password requirements (NIST 800-63) to IoT security for manufacturers (NISTIR 8259), NIST is always the starting point. NIST plays a key...
Nextcloud Server < 20.0.0 Multiple Vulnerabilities (NC-SA-2020-040, NC-SA-2020-041, NC-SA-2021-006)
Nextcloud Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nextcloud:nextcloudserver"...
CVE-2020-8259
Nextcloud Server 19.0.1 is affected by CVE-2020-8259 due to insufficient protection of server-side encryption keys, allowing an attacker to replace the encryption keys. Exploitation details are not provided in the connected docs; the issue is described as a vulnerability in the key protection mec...
CVE-2019-8259
CVE-2019-8259 affects UltraVNC revisions around 1198. The issue is memory leaks in the VNC client code that could allow reading stack memory and, with another vulnerability, bypass ASLR, potentially leading to information disclosure. Siemens/ICS advisories confirm the condition and note that fix...
CVE-2019-8259
UltraVNC revision 1198 contains multiple memory leaks CWE-655 in VNC client code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appears to be...
CVE-2017-8259
CVE-2017-8259 is a buffer overflow in Qualcomm CAF Android/Linux kernel service locator. Root cause: a buffer size variable is not used to indicate the actual buffer size. Documented impact is high severity with local code execution possibilities, requiring user interaction (CVSS3: HIGH, LOCAL, U...
CVE-2017-8259
creationtimestamp | type | source
---|---|---
2017-07-10 10:03:25+00:00 | published-proof-of-concept | https://t.me/HackerOne/845...