14 matches found
CVE-2026-32964
SD-330AC and AMC Manager provided by silex technology, Inc. contain an improper neutralization of CRLF sequences ('CRLF Injection') vulnerability. Processing some crafted configuration data may lead to arbitrary entries being injected into the system configuration...
CVE-2026-23686
Due to a CRLF Injection vulnerability in SAP NetWeaver Application Server Java, an authenticated attacker with administrative access could submit specially crafted content to the application. If processed by the application, this content enables injection of untrusted entries into generated...
EUVD-2019-0462
Malware in sbrugna...
EUVD-2022-29542
Malicious code in bioql PyPI...
CVE-2019-0213
In Apache Archiva before 2.2.4, it may be possible to store malicious XSS code into central configuration entries, i.e. the logo URL. The vulnerability is considered as minor risk, as only users with admin role can change the configuration, or the communication between the browser and the Archiva...
CVE-2022-24670
An attacker can use the unrestricted LDAP queries to determine configuration entries...
CVE-2022-24670
An attacker can use the unrestricted LDAP queries to determine configuration entries...
CVE-2022-24670 Any user can run unrestricted LDAP queries against a configuration endpoint
An attacker can use the unrestricted LDAP queries to determine configuration entries...
ForgeRock Access Management Security Vulnerability
ForgeRock Access Management is a comprehensive, unified solution from ForgeRock USA designed to quickly enable superior experiences tailored to the unique needs of users and employees. A security vulnerability exists in ForgeRock Access Management. An attacker exploited the vulnerability to...
PT-2022-16789 · Forgerock · Access Management
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: An attacker can use unrestricted LDAP queries to determine configuration entries. Recommendations: At the moment, there is no information about a newer...
Weidmueller Industrial WLAN Operating System Command Injection Vulnerability
Weidmueller Industrial WLAN devices are industrial WLAN devices from Weidmueller, Germany. The operating system command injection vulnerability in Weidmueller Industrial WLAN devices can be exploited by an attacker to take full control of the device via specially crafted network configuration information...
CVE-2016-0830
btifconfig.c in Bluetooth in Android 6.x before 2016-03-01 allows remote attackers to cause a denial of service (memory corruption and persistent daemon crash) by triggering a large number of configuration entries, and consequently exceeding the maximum size of a configuration file, aka internal bu...
UBUNTU-CVE-2016-0830
btifconfig.c in Bluetooth in Android 6.x before 2016-03-01 allows remote attackers to cause a denial of service (memory corruption and persistent daemon crash) by triggering a large number of configuration entries, and consequently exceeding the maximum size of a configuration file, aka internal bu...
CVE-2005-1454
SQL injection vulnerability in the radiusxlat function in the SQL module for FreeRADIUS 1.0.2 and earlier allows remote authenticated users to execute arbitrary SQL commands via (1) groupmembershipquery, (2) simulcountquery, or (3) simulverifyquery configuration entries...