Linux Distros Unpatched Vulnerability : CVE-2016-5128
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - objects.cc in Google V8 before 5.2.361.27, as used in Google Chrome before 52.0.2743.82, does not prevent API interceptors from modifying a store target without...
Linux Distros Unpatched Vulnerability : CVE-2014-2525
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based buffer overflow in the yaml_parser_scan_uri_escapes function in LibYAML before 0.1.6 allows context-dependent attackers to execute arbitrary code via a...
Linux Distros Unpatched Vulnerability : CVE-2020-1951
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A carefully crafted or corrupt PSD file can cause an infinite loop in Apache Tika's PSDParser in versions 1.0-1.23. CVE-2020-1951 Note that Nessus relies on the...
CVE-2025-5047
A maliciously crafted DGN file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...
CVE-2025-9091
A security flaw has been discovered in Tenda AC20 16.03.08.12. Affected by this vulnerability is an unknown functionality of the file /etc_ro/shadow. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the local host. The complexity of an attack is rather high...
CVE-2025-9091
Summary: CVE-2025-9091 affects Tenda AC20, specifically the file /etc_ro/shadow. The root cause is hard-coded credentials in that file, enabling a local attack with high impact on confidentiality, integrity, and availability. Exploitation requires local access and is described as difficult, with ...
CVE-2025-5048
Autodesk AutoCAD is affected by CVE-2025-5048 via DGN file parsing that can trigger a memory corruption, enabling arbitrary code execution in the current process. The vulnerability is exploitable locally with user interaction required (per the CVE metrics and ZDI advisory). The root cause is rela...
CVE-2025-8968
A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/disapproveuser.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The explo...
CVE-2025-8971 itsourcecode Online Tour and Travel Management System travellers.php sql injection
A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/travellers.php. The manipulation of the argument val-username leads to sql injection. The attack can be initiated remotely. The exploi...
CVE-2025-8966
A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/operations/tax.php. The manipulation of the argument tname leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2025-38745
Dell OpenManage Enterprise, versions 3.10, 4.0, 4.1, and 4.2, contains an Insertion of Sensitive Information into Log File vulnerability in the Backup and Restore. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure...
CVE-2025-50515
CVE-2025-50515 affects phome Empirebak 2010, specifically the config.php in ebak2008/upload/class/. The vulnerability arises when loading the config.php file, allowing arbitrary code execution. Affected component/file: ebak2008/upload/class/config.php; underlying issue not elaborated beyond code ...
CVE-2025-52335
EyouCMS 1.7.3 is vulnerable to Cross Site Scripting (XSS) in index.php, which can be exploited to obtain sensitive information...
CVE-2025-8924
A vulnerability was identified in Campcodes Online Water Billing System 1.0. This issue affects some unknown processing of the file /viewbill.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Microsoft
CVE-2025-50154, CVE-2025-59214 Windows File Explorer Zero C...
CVE-2025-50614
Netis WF2880 v2.1.40207 is affected by a buffer overflow in the FUN_0047151c function of cgitest.cgi. Exploitation is triggered by controlling wds_set in the payload, potentially crashing the program and enabling a Denial of Service (DoS). Multiple sources (CNVD, Red Hat, NVD, CVE list, CNNVD, et...
CVE-2025-50611
Netis WF2880 vulnerability CVE-2025-50611: A buffer overflow in the FUN_00473154 function of the cgitest.cgi file in firmware version 2.1.40207 can be triggered by crafted payloads that set wl_sec_set_5g and wl_sec_rp_set_5g, causing the program to crash and potentially leading to a Denial of Ser...
CVE-2025-50609
A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the Function00465620 of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of specifyparame in the payload, which can cause the program to crash and potentially lead to a Denial ...
PT-2025-32660
Name of the Vulnerable Software and Affected Versions: Simcenter Femap versions prior to 2406.0003; Simcenter Femap versions prior to 2412.0002. Description: The affected applications contain an out-of-bounds read issue when processing specially crafted BMP files. This could allow an attacker to...
BIT-LIBPYTHON-2025-4517 Arbitrary writes via tarfile realpath overflow
Allows arbitrary filesystem writes outside the extraction directory during extraction with filter="data". You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall or TarFile.extract using the filter= parameter with a value of...