CVE-2026-8347

Concrete CMS 9.5.0 and below is vulnerable to IDOR + wrong-authorization-level in the Express association Reorder dialog. This can cause Cross-entity state tampering with view-only permission on one entry. To be affected, a website has to be using express and relying on express entity...

CVE-2025-8347 Kehua Charging Pile Cloud Platform findAllTask sql injection

A vulnerability, which was classified as critical, was found in Kehua Charging Pile Cloud Platform 1.0. This affects an unknown part of the file /sys/task/findAllTask. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

CVE-2025-8347

CVE-2025-8347 affects Kehua Charging Pile Cloud Platform 1.0; vulnerability in /sys/task/findAllTask enables SQL injection, exploitable remotely. Exploit disclosed publicly. No remediation/fix version provided in the supplied documents.

Linux Distros Unpatched Vulnerability : CVE-2017-8347

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In ImageMagick 7.0.5-5, the ReadEXRImage function in exr.c allows attackers to cause a denial of service memory leak via a crafted file. CVE-2017-8347 Note that...

CVE-2024-8347

creationtimestamp| type| source ---|---|--- 2024-08-31 00:51:13+00:00| seen| https://t.me/cvedetector/4551...

CVE-2024-8347 SourceCodester Computer Laboratory Management System Master.php delete_record sql injection

A vulnerability classified as critical was found in SourceCodester Computer Laboratory Management System 1.0. Affected by this vulnerability is the function deleterecord of the file /classes/Master.php?f=deleterecord. The manipulation of the argument id leads to sql injection. The attack can be...

CGA-8347-CHQX-6JHV

Bulletin has no description...

CVE-2020-8347

Lenovo Enterprise Network Disk is affected by a reflective XSS vulnerability (CVE-2020-8347) present in versions prior to 6.1 patch 6 hotfix 4. An attacker could lure an authenticated user to visit a crafted URL and execute code in the user’s browser, potentially via phishing. The primary impact ...

CVE-2014-8347

CVE-2014-8347 describes an authentication bypass in the MatchPasswordData function of DBEngine.dll used by FileMaker Pro 13.0v3 and FileMaker Pro Advanced 12.0v4. A local attacker could leverage this to gain elevated privileges, effectively bypassing login and obtaining higher access within the l...

CVE-2018-8347

CVE-2018-8347 is a Windows kernel elevation of privilege vulnerability where the kernel fails to properly handle parsing of certain symbolic links. Affects Windows Server 2016 and Windows 10 (including Windows 10 Server variants). The connected sources confirm the root cause as a parsing issue in...

ImageMagick 6.x < 6.9.8-10 / 7.x < 7.0.5-9 Multiple Vulnerabilities

The version of ImageMagick installed on the remote Windows host is 6.x prior to 6.9.8-10 or 7.x prior to 7.0.5-9. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in the ReadRLEImage function within file coders/rle.c when reading image color maps due to issues related to a...

[SECURITY] [DSA 3863-1] imagemagick security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3863-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 25, 2017 https://www.debian.org/security/faq -...

CVE-2017-8347

In ImageMagick 7.0.5-5, the ReadEXRImage function in exr.c allows attackers to cause a denial of service memory leak via a crafted file...

CVE-2017-8347

CVE-2017-8347 is rejected; this CVE is not an active vulnerability entry.

CVE-2017-8347

In ImageMagick 7.0.5-5, the ReadEXRImage function in exr.c allows attackers to cause a denial of service memory leak via a crafted file...

CVE-2017-8347

In ImageMagick 7.0.5-5, the ReadEXRImage function in exr.c allows attackers to cause a denial of service memory leak via a crafted file...

CVE-2016-8347

CVE-2016-8347 affects Kabona AB WebDatorCentral (WDC) prior to version 3.4.0. The root cause is improper handling of authentication attempts, allowing unrestricted brute-force attempts against the login API. Reports indicate remote exploitability with no user interaction required, and the impact ...

Filemaker Login Bypass / Privilege Escalation

Filemaker Login Bypass and Privilege Escalation ======================================================================= ADVISORY INFORMATION Title: Filemaker Login Bypass and Privilege Escalation Discovery date: 19/10/2014 Release date: 19/10/2014 Vendor Homepage: www.filemaker.com Version:...

Filemaker Login Bypass and Privilege Escalation Vulnerability

Filemaker Login Bypass and Privilege Escalation ======================================================================= ADVISORY INFORMATION Title: Filemaker Login Bypass and Privilege Escalation Discovery date: 19/10/2014 Release date: 19/10/2014 Vendor Homepage: www.filemaker.com Version:...