85 matches found
CVE-2025-54655
Race condition vulnerability in the virtualization base module. Successful exploitation of this vulnerability may affect the confidentiality and integrity of the virtualization graphics module...
CVE-2025-54652
Path traversal vulnerability in the virtualization base module. Successful exploitation of this vulnerability may affect the confidentiality of the virtualization module...
Huawei HarmonyOS 安全漏洞
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A competitive condition vulnerability exists in the Huawei HarmonyOS virtualization base module, which can be exploited by an attacker to compromise the...
CVE-2024-39840
Factorio before 1.1.101 allows a crafted server to execute arbitrary code on clients via a custom map that leverages the ability of certain Lua base module functions to execute bytecode and generate fake objects...
CVE-2025-4546
A vulnerability was found in 1Panel-dev MaxKB up to 1.10.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Knowledge Base Module. The manipulation leads to csv injection. The attack can be launched remotely. The exploit has been...
CVE-2025-4546
A vulnerability was found in 1Panel-dev MaxKB up to 1.10.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Knowledge Base Module. The manipulation leads to csv injection. The attack can be launched remotely. The exploit has been...
CVE-2025-4546 1Panel-dev MaxKB Knowledge Base Module csv injection
A vulnerability was found in 1Panel-dev MaxKB up to 1.10.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Knowledge Base Module. The manipulation leads to csv injection. The attack can be launched remotely. The exploit has been...
CVE-2025-4546
CVE-2025-4546 affects 1Panel-dev MaxKB, specifically the Knowledge Base Module up to version 1.10.7. The issue enables csv injection via an unknown functionality in the Knowledge Base Module, with remote exploitation possible. Upgrading to version 1.10.8 addresses the vulnerability. If applying r...
PT-2025-20668 · Unknown · 1Panel-Dev Maxkb
Name of the Vulnerable Software and Affected Versions: 1Panel-dev MaxKB versions up to 1.10.7 Description: A critical issue was found in the Knowledge Base Module component, leading to csv injection. This issue can be exploited remotely. The estimated number of potentially affected devices...
MaxKB 安全漏洞
MaxKB is a 1Panel-dev open source open source knowledge base question and answer system based on a large language model and RAG. A security vulnerability exists in MaxKB 1.10.7 and earlier versions, which stems from a CSV injection in the component Knowledge Base Module...
Security Bulletin: IBM MaaS360 Cloud Extender Agent, Configuration Utility, Email Notification, Real Time Action and Base Module affected by multiple vulnerabilities (CVE-2023-46219, CVE-2023-46218, CVE-2023-52071, CVE-2024-0853)
Summary Vulnerabilities contained within libcurl a 3rd party component were addressed in the IBM MaaS360 Cloud Extender Agent, Configuration Utility, Email Notification, Realtime Action and Base Modules. Vulnerability Details CVEID:CVE-2023-46219 DESCRIPTION: cURL libcurl could allow a remote...
Security Bulletin: IBM MaaS360 Cloud Extender Agent and Base Module affected by multiple vulnerabilities
Summary Vulnerability contained within libcurl a 3rd party component was addressed in the IBM MaaS360 Cloud Extender Agent and Base Module. Vulnerability Details CVEID:CVE-2024-7264 DESCRIPTION: cURL libcurl could allow a local attacker to obtain sensitive information, caused by an out-of-bounds...
CVE-2024-39840
Factorio before 1.1.101 allows a crafted server to execute arbitrary code on clients via a custom map that leverages the ability of certain Lua base module functions to execute bytecode and generate fake objects...
CVE-2024-39840
Factorio before 1.1.101 is affected. A crafted server map can trigger arbitrary code execution on clients by abusing certain Lua base module functions to execute bytecode and create fake objects. Affected component: Factorio server/client interaction via custom maps; root cause: Lua base module f...
PT-2024-40659 · Unknown · Generatedjavaparser
Name of the Vulnerable Software and Affected Versions: GeneratedJavaParser affected versions not specified Description: A security exception crash has been reported. The crash involves the com.github.javaparser.GeneratedJavaParser.Expression class, the java.base/java.lang.String.startsWith method...
Siemens LOGO! 安全漏洞
Siemens LOGO! BM Base Module devices are used for basic small-scale automation tasks. An unspecified vulnerability exists in the Siemens LOGO! BM Base Module device due to the susceptibility of the affected device to electromagnetic fault injection. An attacker could exploit the vulnerability to...
Daylight Studio Fuel CMS SQL Injection Vulnerability
Daylight Studio Fuel CMS is a content management system based on CodeIgniter. A security vulnerability exists in Daylight Studio Fuel CMS version 1.4.9, which stems from an SQL injection vulnerability in the file Basemodulemodel.php that allows remote attackers to execute arbitrary code via the c...
CVE-2020-24950
SQL Injection vulnerability in file Basemodulemodel.php in Daylight Studio FUEL-CMS version 1.4.9, allows remote attackers to execute arbitrary code via the col parameter to function listitems...
Security Bulletin: IBM MaaS360 Cloud Extender Agent, Mobile Enterprise Gateway, Configuration Utility, VPN, Certificate and Base Module affected by multiple vulnerabilities
Summary Vulnerabilities contained within libcurl a 3rd party component and Open SSL were addressed in the IBM MaaS360 Cloud Extender Agent, Configuration Utility, Certificate, VPN and Base Modules. Vulnerabilities contained within Netty a 3rd party component were addressed in the IBM MaaS360 Mobi...
Security Bulletin: IBM MaaS360 Cloud Extender Agent and Base Module use libcurl with multiple known vulnerabilities
Summary Vulnerabilities contained within libcurl a 3rd party component were identified and remediated in the IBM MaaS360 Cloud Extender Agent and Base Module. Vulnerability Details CVEID:CVE-2022-27780 DESCRIPTION: cURL libcurl could allow a remote attacker to bypass security restrictions, caused...