31 matches found
The vulnerability of the plugin for viewing RAW images allows a hacker to execute arbitrary code.
The vulnerability of the plugin for viewing RAW images is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code...
PT-2022-14777 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible out of bounds write in the thermal cooling device stats update function of thermal sysfs.c due to improper input validation. This could lead to local escalation of privilege in th...
TypeORM 0.3.7 Information Disclosure Vulnerability
I found what I think is a vulnerability in the latest typeorm 0.3.7. TypeORM v0.3 has a new findOneBy method instead of findOneById and it is the only way to get a record by id Sending undefined as a value in this method removes this parameter from the query. This leads to the data exposure. For...
TCL LinkHub Mesh Wi-Fi 缓冲区错误漏洞
TCL LinkHub Mesh Wi-Fi is a router from TCL Corporation.A buffer overflow vulnerability exists in TCL LinkHub Mesh Wi-Fi, which stems from a lack of proper validation of user-supplied data in the confsrv ucloudsetnodelocation function, and could be exploited by an attacker to execute arbitrary co...
Foxit PDF Editor 缓冲区错误漏洞
Foxit PDF Reader is a PDF reader from the Chinese company Foxit. A buffer error vulnerability exists in Foxit PDF, which is caused by a lack of proper validation of user-supplied data, and could allow a remote attacker to execute arbitrary code on an affected PDF editor installation...
DEBIAN-CVE-2019-10912
In Symfony before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, it is possible to cache objects that may contain bad user input. On serialization or unserialization, this could result in the deletion of files that the current user has access to. This is related to...
CarSpot Theme <= 2.1.6 - Authenticated Stored XSS
Bad input field data filtering has been discovered in the 'CarSpot – Automotive Car Dealer Wordpress Classified Theme'. Current version of this Premium Theme is 2.1.5. PoC Authorize on the demo website for tests: https://carspot.scriptsbundle.com/, login is [email protected] and passow...
CVE-2018-6182
Mahara 16.10 before 16.10.9 and 17.04 before 17.04.7 and 17.10 before 17.10.4 are vulnerable to bad input when TinyMCE is bypassed by POST packages. Therefore, Mahara should not rely on TinyMCE's code stripping alone but also clean input on the server / PHP side as one can create own packets of...
SQL injection vulnerability in program\diypage\receive\add.php page of Dreamline Monxin Enterprise Building System program\diypage\receive\add.php
Monxin Enterprise Station Building System is a self-service station building system based on PHP language development. A SQL injection vulnerability exists in the program\diypage\receive\add.php page of the Monxin Enterprise Station Building System. The vulnerability is due to the system's failur...
aspcatalog-sql.txt
ASP Product catalog SQL injection vulnerability. A nice little SQL injection vulnerability exists within ASP Product Catalog. The application fails to check for bad input from GET'd variables used in SQL query operations. In this case, the variable cid can be used for SQL injection queries...
HP-UX 10/11/ IRIX 3/4/5/6 / OpenSolaris build snv / Solaris 8/9/10 / SunOS 4.1 - 'rpc.ypupdated' Command Execution (2)
HP-UX 10.x/11.x,IRIX 3.x/4.x/5.x/6.x,OpenSolaris build snv,Solaris 8/9/10,SunOS 4.1.x RPC.YPUpdated Command Execution 2 source: https://www.securityfocus.com/bid/1749/info The 'rpc.ypupdated' deamon is part of the Network Information Service NIS or Yellow Pages YP. It allows clients to update NIS...