1026 matches found
PT-2025-9210
Name of the Vulnerable Software and Affected Versions FFmpeg versions up to 6e26f57f672b05e7b8b052007a83aef99dc81ccb Description A problematic vulnerability has been found in FFmpeg, affecting the function audio element obu of the file libavformat/iamf parse.c of the component IAMF File Handler...
OESA-2025-1024 curl security update
cURL is a computer software project providing a library libcurl and command-line tool curl for transferring data using various protocols. Security Fixes: A vulnerability has been found in cURL Network Utility Software and classified as problematic. Affected by this vulnerability is an unknown cod...
OESA-2025-1023 curl security update
cURL is a computer software project providing a library libcurl and command-line tool curl for transferring data using various protocols. Security Fixes: A vulnerability has been found in cURL Network Utility Software and classified as problematic. Affected by this vulnerability is an unknown cod...
OESA-2025-1022 curl security update
cURL is a computer software project providing a library libcurl and command-line tool curl for transferring data using various protocols. Security Fixes: A vulnerability has been found in cURL Network Utility Software and classified as problematic. Affected by this vulnerability is an unknown cod...
OESA-2025-1021 curl security update
cURL is a computer software project providing a library libcurl and command-line tool curl for transferring data using various protocols. Security Fixes: A vulnerability has been found in cURL Network Utility Software and classified as problematic. Affected by this vulnerability is an unknown cod...
PT-2025-16200 · Assimp +2 · Assimp +2
Name of the Vulnerable Software and Affected Versions: Open Asset Import Library Assimp versions up to 5.4.3 Description: A critical issue has been found in the Open Asset Import Library Assimp, affecting the function aiString::Set in the library include/assimp/types.h of the component File...
CVE-2024-12900
A vulnerability classified as critical has been found in FoxCMS up to 1.2. Affected is an unknown function of the file /install/installdb.php of the component Configuration File Handler. The manipulation of the argument database password leads to code injection. It is possible to launch the attac...
PT-2024-17788 · Foxcms · Foxcms
Name of the Vulnerable Software and Affected Versions: FoxCMS versions up to 1.2 Description: A critical issue has been found in the Configuration File Handler component, specifically in the file /install/installdb.php. The manipulation of the database password argument leads to code injection...
CVE-2024-12181
A vulnerability classified as problematic was found in DedeCMS 5.7.116. Affected by this vulnerability is an unknown functionality of the file /member/uploadsadd.php of the component SWF File Handler. The manipulation of the argument mediatype leads to cross site scripting. The attack can be...
CVE-2024-12181
A vulnerability classified as problematic was found in DedeCMS 5.7.116. Affected by this vulnerability is an unknown functionality of the file /member/uploadsadd.php of the component SWF File Handler. The manipulation of the argument mediatype leads to cross site scripting. The attack can be...
CVE-2024-12181
CVE-2024-12181 affects DedeCMS 5.7.116; the vulnerability is in the SWF File Handler component via the /member/uploads_add.php endpoint, where manipulating the mediatype argument enables cross-site scripting. The issue is exploitable remotely and affects an unknown functionality of that file. Mul...
CVE-2024-12181 DedeCMS SWF File uploads_add.php cross site scripting
A vulnerability classified as problematic was found in DedeCMS 5.7.116. Affected by this vulnerability is an unknown functionality of the file /member/uploadsadd.php of the component SWF File Handler. The manipulation of the argument mediatype leads to cross site scripting. The attack can be...
PT-2024-17473 · Dedecms · Dedecms
Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7.116 Description: A problematic vulnerability was found in DedeCMS, affecting an unknown functionality of the file /member/uploads add.php of the component SWF File Handler. The manipulation of the mediatype argument leads ...
CVE-2024-11664
CVE-2024-11664 affects eNMS up to v4.2. The vulnerability exists in the multiselect_filtering function of TGZ File Handler (eNMS/controller.py) and allows path traversal. Exploitation is possible remotely; exploit details are public. A patch is available: 22b0b443acca740fc83b5544165c1f53eff3f529....
CVE-2024-11664 eNMS TGZ File controller.py multiselect_filtering path traversal
A vulnerability, which was classified as critical, has been found in eNMS up to 4.2. Affected by this issue is the function multiselectfiltering of the file eNMS/controller.py of the component TGZ File Handler. The manipulation leads to path traversal. The attack may be launched remotely. The...
CVE-2024-11664 eNMS TGZ File controller.py multiselect_filtering path traversal
A vulnerability, which was classified as critical, has been found in eNMS up to 4.2. Affected by this issue is the function multiselectfiltering of the file eNMS/controller.py of the component TGZ File Handler. The manipulation leads to path traversal. The attack may be launched remotely. The...
CVE-2024-11049
A vulnerability classified as problematic has been found in ZKTeco ZKBio Time 9.0.1. Affected is an unknown function of the file /authfiles/photo/ of the component Image File Handler. The manipulation leads to direct request. It is possible to launch the attack remotely. The complexity of an atta...
CVE-2024-11049 ZKTeco ZKBio Time Image File photo direct request
A vulnerability classified as problematic has been found in ZKTeco ZKBio Time 9.0.1. Affected is an unknown function of the file /authfiles/photo/ of the component Image File Handler. The manipulation leads to direct request. It is possible to launch the attack remotely. The complexity of an atta...
CVE-2024-11049 ZKTeco ZKBio Time Image File photo direct request
A vulnerability classified as problematic has been found in ZKTeco ZKBio Time 9.0.1. Affected is an unknown function of the file /authfiles/photo/ of the component Image File Handler. The manipulation leads to direct request. It is possible to launch the attack remotely. The complexity of an atta...
CVE-2024-11049
CVE-2024-11049 affects ZKTeco ZKBio Time 9.0.1, specifically the Image File Handler component and an unknown function of the file path /auth_files/photo/. The issue allows remote-triggered manipulation of a direct request, with attack complexity rated as HIGH and no required privileges, but no us...