909 matches found
SUSE CVE-2004-1190
SUSE Linux before 9.1 and SUSE Linux Enterprise Server before 9 do not properly check commands sent to CD devices that have been opened read-only, which could allow local users to conduct unauthorized write activities to modify the firmware of associated SCSI devices...
SUSE CVE-2007-6613
Stack-based buffer overflow in the print_iso9660_recurse function in iso-info (src/iso-info.c) in GNU Compact Disc Input and Control Library (libcdio) 0.79 and earlier allows context-dependent attackers to cause a denial of service (core dump) and possibly execute arbitrary code via a disk or image that...
SUSE CVE-2010-1797
Multiple stack-based buffer overflows in the cff_decoder_parse_charstrings function in the CFF Type2 CharStrings interpreter in cff/cffgload.c in FreeType before 2.4.2, as used in Apple iOS before 4.0.2 on the iPhone and iPod touch and before 3.2.2 on the iPad, allow remote attackers to execute...
SUSE CVE-2019-9151
An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5VM_memcpyvv in H5VM.c when called from H5D__compact_readvv in H5Dcompact.c...
CVE-2023-23333
There is a command injection vulnerability in SolarView Compact through 6.00; attackers can execute commands by bypassing internal restrictions through downloader.php...
Command injection
There is a command injection vulnerability in SolarView Compact through 6.00; attackers can execute commands by bypassing internal restrictions through downloader.php...
Contec SolarView Compact Command Injection Vulnerability
Contec SolarView Compact is an application system from Contec Japan. It provides a photovoltaic power generation measurement system. A security vulnerability exists in Contec SolarView Compact version 6.00 and earlier versions. An attacker can exploit the vulnerability to execute commands via...
PT-2023-1590 · Unknown · Solarview Compact
Name of the Vulnerable Software and Affected Versions: SolarView Compact versions 6.00 and earlier. Description: The issue is related to a command injection vulnerability, which allows attackers to execute commands by bypassing internal restrictions through the downloader.php endpoint. This is due...
CVE-2023-23333
SolarView Compact 6.00 is affected by an OS command injection via downloader.php, allowing remote code execution. The vulnerability arises from an insecure file parameter in downloader.php that can bypass internal restrictions. Public exploit templates (including a Metasploit module) describe obtai...
Cross site scripting
The Compact WP Audio Player WordPress plugin before 1.9.8 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against hig...
CVE-2022-4542
The CVE-2022-4542 issue affects the Compact WP Audio Player WordPress plugin prior to version 1.9.8. It arises from not validating and escaping certain shortcode attributes before output, allowing a user with as little as Contributor privileges to perform Stored XSS against higher-privilege users...
CVE-2022-4542 Compact WP Audio Player < 1.9.8 - Contributor+ Stored XSS
The Compact WP Audio Player WordPress plugin before 1.9.8 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against hig...
PT-2023-14663 · WordPress · Compact Wp Audio Player
Name of the Vulnerable Software and Affected Versions: Compact WP Audio Player WordPress plugin versions prior to 1.9.8. Description: The issue concerns the Compact WP Audio Player WordPress plugin, which does not properly validate and escape certain shortcode attributes before outputting them. Th...
WordPress plugin Compact WP Audio Player Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. relevant is a relevant content display plugin used in it. WordPress plugin is an...
PT-2022-27694 · Unknown · Talon Tc Compact +3
Name of the Vulnerable Software and Affected Versions: APOGEE PXC Compact BACnet versions prior to V3.5.5; APOGEE PXC Compact P2 Ethernet versions prior to V2.8.20; APOGEE PXC Modular BACnet versions prior to V3.5.5; APOGEE PXC Modular P2 Ethernet versions prior to V2.8.20; TALON TC Compact BACnet...
CVE-2022-45937
Siemens CVE-2022-45937 affects APOGEE PXC Series (BACnet and P2 Ethernet) and TALON TC Series up to specific versions: APOGEE PXC BACnet before 3.5.5; APOGEE PXC P2 Ethernet before 2.8.20; TALON TC BACnet before 3.5.5. The vulnerability is an Improper Access Control that could allow a low-privi...