Lucene search
K

17 matches found

NVD
NVD
added 2026/06/16 12:16 p.m.15 views

CVE-2026-8484

A heap buffer overflow vulnerability exists in the Jansi JNI "ioctl" wrapper due to a lack of size verification for the argument array before the system call. This can lead to heap corruption and application crashes DoS. All versions are believed to be vulnerable. This project is unmaintained at...

4.8CVSS0.0014EPSS
Exploits0References2
CVE
CVE
added 2026/06/16 10:32 a.m.28 views

CVE-2026-8484

The CVE-2026-8484 entry describes a heap buffer overflow in the Jansi JNI"ioctl()" wrapper caused by missing size verification of the argument array before the system call. Affected software is Jansi (JNI wrapper) and, per sources, all versions are believed vulnerable. Consequences stated are hea...

4.8CVSS5.7AI score0.0014EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 10:32 a.m.8 views

EUVD-2026-37064

A heap buffer overflow vulnerability exists in the Jansi JNI "ioctl" wrapper due to a lack of size verification for the argument array before the system call. This can lead to heap corruption and application crashes DoS. All versions are believed to be vulnerable. This project is unmaintained at...

4.8CVSS5.6AI score0.0014EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-0030

Malware in sbrugna...

3.3CVSS6.8AI score0.00401EPSS
Exploits1References15
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2021-28688

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went t...

6.5CVSS6.7AI score0.00332EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/14 10:1 a.m.3 views

CVE-2025-7761 Reflected XSS in Lepszy BIP

Lepszy BIP is vulnerable to Reflected Cross-Site Scripting XSS. Improper input validation in index.php form in one of the parameters allows arbitrary JavaScript to be executed on victim's browser when specially crafted URL is opened. The vendor was contacted early about this disclosure but did no...

5.1CVSS6.4AI score0.00417EPSS
Exploits0References2
OSV
OSV
added 2021/12/16 2:30 p.m.13 views

GHSA-VXR4-RXW7-G7V6 Prototype Pollution in comb

All versions of package comb are vulnerable to Prototype Pollution via the deepMerge function...

6.5CVSS5.9AI score0.01171EPSS
Exploits1References3
OSV
OSV
added 2019/12/11 6:16 p.m.5 views

ALPINE-CVE-2019-19582

An issue was discovered in Xen through 4.12.x allowing x86 guest OS users to cause a denial of service infinite loop because certain bit iteration is mishandled. In a number of places bitmaps are being used by the hypervisor to track certain state. Iteration over all bits involves functions which...

6.5CVSS6.6AI score0.00378EPSS
Exploits0References1
OSV
OSV
added 2019/12/11 2:1 a.m.4 views

GHSA-V63X-XC9J-HHVQ Sandbox Breakout / Arbitrary Code Execution in safer-eval

All versions of safer-eval are vulnerable to Sandbox Escape leading to Remote Code Execution. The package fails to restrict access to the main context and is not suited to process arbitrary user input. This may allow attackers to execute arbitrary code in the system. Recommendation The package is...

9.8CVSS7.6AI score0.02574EPSS
Exploits1References5
OSV
OSV
added 2019/04/09 7:44 p.m.4 views

GHSA-98F7-P5RC-JX67 Materialize-css vulnerable to Cross-site Scripting in tooltip component

All versions of materialize-css are vulnerable to Cross-Site Scripting. The tooltip component does not sufficiently sanitize user input, allowing an attacker to execute arbitrary JavaScript code if the malicious input is rendered by a user. Recommendation No fix is currently available. Consider...

6.1CVSS6.6AI score0.00795EPSS
Exploits1References7
OSV
OSV
added 2018/10/09 12:19 a.m.11 views

GHSA-QW93-45R3-P66P Prototype Pollution in merge-options

All versions of merge-options are vulnerable to Prototype Pollution Recommendation Update to version 1.0.1 or greater...

9.8CVSS5.9AI score0.01428EPSS
Exploits1References6
CNVD
CNVD
added 2016/10/24 12:0 a.m.1 views

Zenbership has multiple vulnerabilities

Zenbership is an open source customer relationship management platform. All versions of Zenbership suffer from a cross-site scripting vulnerability and a cross-site request forgery vulnerability that can be exploited by an attacker to steal cookie-based authentication or inject malicious scripts...

6.6AI score
Exploits0References1
Exploit DB
Exploit DB
added 2005/05/16 12:0 a.m.23 views

NPDS 4.8/5.0 - 'pollcomments.php?thold' SQL Injection

source: https://www.securityfocus.com/bid/13649/info NPDS is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'thold' parameter. Successful exploitation could result in a compromise of the application,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2005/04/02 12:0 a.m.23 views

SiteEnable - SQL Injection

source: https://www.securityfocus.com/bid/12985/info SiteEnable is reported prone to an SQL injection vulnerability. This vulnerability could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other attacks. Successful exploitation cou...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2005/03/08 12:0 a.m.22 views

OutStart Participate Enterprise 3 - Multiple Access Validation Vulnerabilities

source: https://www.securityfocus.com/bid/12752/info Participate Enterprise is reported prone to multiple access validation vulnerabilities. These issues may allow remote attackers to disclose sensitive information and corrupt and delete data that can ultimately lead to a denial of service...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2004/08/23 12:0 a.m.22 views

PhotoADay - 'Pad_selected' Cross-Site Scripting

source: https://www.securityfocus.com/bid/11009/info It is reported that PhotoADay is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issue could permit a remote attacker to create a malicious U...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2003/07/03 12:0 a.m.31 views

GNU Chess 5.0 - Local Buffer Overflow

// source: https://www.securityfocus.com/bid/8097/info A local buffer overflow has been reported for GNU Chess that may result in an attacker obtaining elevated privileges. The vulnerability exists due to insufficient boundary checks performed on some commandline options. Successful exploitation...

7.4AI score
Exploits0
Rows per page
Query Builder