Lucene search
K

140 matches found

Prion
Prion
added 2024/01/31 9:15 p.m.20 views

Sql injection

SQL injection vulnerability in Enterprise Architect 16.0.1605 32-bit allows attackers to run arbitrary SQL commands via the Find parameter in the Select Classifier dialog box...

7.5CVSS8.7AI score0.00629EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2024/01/31 12:0 a.m.28 views

CVE-2022-47072

SQL injection vulnerability in Enterprise Architect 16.0.1605 32-bit allows attackers to run arbitrary SQL commands via the Find parameter in the Select Classifier dialog box...

10AI score0.00629EPSS
Exploits1References1
CVE
CVE
added 2024/01/31 12:0 a.m.34 views

CVE-2022-47072

CVE-2022-47072 affects Sparx Systems Enterprise Architect 16.0.1605 (32-bit). The vulnerability is a SQL injection in the Find parameter of the Select Classifier dialog box, enabling execution of arbitrary SQL commands. Root cause: unsafely handling user-controlled input in the dialog’s Find para...

9.8CVSS9.7AI score0.00629EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2023/09/11 8:15 a.m.21 views

Input validation

A vulnerability exists in the Equipment Tag Out authentication, when configured with Single Sign-On SSO with password validation in T214. This vulnerability can be exploited by an authenticated user per-forming an Equipment Tag Out holder action Accept, Release, and Clear for another user and...

6.5CVSS8.8AI score0.00522EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/07/13 12:1 a.m.25 views

CVE-2023-21260

In notification access permission dialog box, malicious application can embedded a very long service label that overflow the original user prompt and possibly contains mis-leading information to be appeared as a system message for user confirmation...

5.8AI score0.00074EPSS
Exploits0References1
Prion
Prion
added 2023/06/19 5:15 a.m.16 views

Open redirect

KioWare for Windows through v8.33 was discovered to contain an incomplete blacklist filter for blocked dialog boxes on Windows 10. This issue can allow attackers to open a file dialog box via the function window.print which can then be used to open an unprivileged command prompt...

4.3CVSS7.8AI score0.00233EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2023/06/19 5:15 a.m.27 views

Open redirect

KioWare for Windows through v8.33 was discovered to contain an incomplete blacklist filter for blocked dialog boxes on Windows 10. This issue can allow attackers to open a file dialog box via the function showDirectoryPicker which can then be used to open an unprivileged command prompt...

4.3CVSS7.8AI score0.00335EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2022/06/13 4:15 p.m.18 views

Design/Logic Flaw

Dialog boxes can still be displayed even if the screen is locked in carrier-customized USSD services. Successful exploitation of this vulnerability may affect data integrity and confidentiality...

6.4CVSS9.1AI score0.0062EPSS
Exploits0References2Affected Software3
RedhatCVE
RedhatCVE
added 2022/05/20 11:24 p.m.39 views

CVE-2021-30586

Use after free in dialog box handling in Windows in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS2.4AI score0.01053EPSS
Exploits0References1
CNVD
CNVD
added 2022/03/17 12:0 a.m.35 views

CKEditor4 authentication vulnerability

An authentication vulnerability exists in CKEditor4, an open source HTML editor, in the "Dialog Box" plug-in. The vulnerability allows misuse of the dialog input validator regular expression, which can cause significant performance degradation, leading to browser tab freezes. No details of the...

7.5CVSS1.5AI score0.02448EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/03/16 12:0 a.m.16 views

CKEditor 资源管理错误漏洞

An authentication vulnerability exists in CKEditor4, an open source HTML editor, in the "Dialog Box" plug-in. The vulnerability allows misuse of the dialog input validator regular expression, which can cause significant performance degradation, leading to browser tab freezes. No details of the...

7.5CVSS6.8AI score0.02448EPSS
Exploits0References12
CNVD
CNVD
added 2021/11/04 12:0 a.m.24 views

Mozilla Firefox has an unspecified vulnerability (CNVD-2021-101164)

Mozilla Firefox is an open source web browser from the Mozilla Foundation. Mozilla Firefox is vulnerable due to an unusual sequence of events controlled by an attacker, and alert can therefore display arbitrary albeit unstyled content on top of an uncontrolled page of the attacker's choice...

4.3CVSS2.4AI score0.01622EPSS
Exploits0References1
CNVD
CNVD
added 2021/09/29 12:0 a.m.17 views

PortlandLabs Concrete CMS Cross-Site Request Forgery Vulnerability (CNVD-2021-76080)

PortlandLabs Concrete Cms is a team-oriented open source content management system for the United States PortlandLabs . A cross-site request forgery vulnerability exists in PortlandLabs Concrete CMS, which stems from a failure to validate CCM tokens when adding a save endpoint to the product's...

8.8CVSS8.6AI score0.00483EPSS
Exploits0References1
NVD
NVD
added 2021/08/03 8:15 p.m.15 views

CVE-2021-30586

Use after free in dialog box handling in Windows in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS0.01053EPSS
Exploits0References5
OSV
OSV
added 2021/08/03 8:15 p.m.7 views

CVE-2021-30586

Use after free in dialog box handling in Windows in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS6.7AI score
Exploits0References5
UbuntuCve
UbuntuCve
added 2021/08/03 8:15 p.m.29 views

CVE-2021-30586

Use after free in dialog box handling in Windows in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.2AI score0.01053EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/08/03 7:41 p.m.20 views

CVE-2021-30586

Use after free in dialog box handling in Windows in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page...

9.3AI score0.01053EPSS
Exploits0References5
CVE
CVE
added 2021/08/03 7:41 p.m.159 views

CVE-2021-30586

CVE-2021-30586 is a use-after-free vulnerability in Chrome’s dialog-box handling on Windows, affecting Chrome versions before 92.0.4515.107. A remote attacker could exploit this by convincing a user to install a malicious extension and by presenting a crafted HTML page, potentially triggering hea...

8.8CVSS9AI score0.01053EPSS
Exploits0References5Affected Software1
AlpineLinux
AlpineLinux
added 2021/08/03 7:41 p.m.37 views

CVE-2021-30586

Use after free in dialog box handling in Windows in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS9.2AI score0.01053EPSS
Exploits0
Veracode
Veracode
added 2021/07/24 4:9 a.m.7 views

Remote Code Execution (RCE)

chromium is vulnerable to remote code execution. The vulnerability exists due to a use after free in the dialog box handling on Windows component of the Chromium...

8.8CVSS7.5AI score0.01053EPSS
Exploits0References9Affected Software2
Rows per page
Query Builder