CVE-2022-25098

ECTouch v2 suffers from arbitrary file deletion due to insufficient filtering of the filename parameter...

VulnCheck KEV: CVE-2017-15715

In Apache httpd 2.4.0 to 2.4.29, the expression specified in could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are are externally blocked, but only by matching the...

TOTOLINK X5000R Stack Overflow Vulnerability

TOTOLINK X5000R is a router. TOTOLINK X5000R v9.1.0u.6118B20201102 is vulnerable to a stack overflow vulnerability, which can be exploited by attackers to execute arbitrary commands via the parameter FileName...

CVE-2022-25337

Ibexa DXP ezsystems/ezpublish-kernel 7.5.x before 7.5.26 and 1.3.x before 1.3.12 allows injection attacks via image filenames...

PJSUA API Buffer Overflow Vulnerability (CNVD-2022-14997)

Pjsua Api is an advanced Api for building Sip multimedia user agent applications, and a buffer overflow vulnerability exists in the PJSUA API, which can be exploited to cause a buffer overflow via a controlled "filename" parameter...

PJSUA API Buffer Overflow Vulnerability (CNVD-2022-15000)

Pjsua Api is an advanced Api for building Sip multimedia user agent applications. a buffer overflow vulnerability exists in the PJSUA API, which can be exploited by attackers to cause out-of-bounds reading of information via a controlled filename parameter...

PJSUA API Buffer Overflow Vulnerability (CNVD-2022-14999)

Pjsua Api is an advanced Api for building Sip multimedia user agent applications, and a buffer overflow vulnerability exists in the PJSUA API, which can be exploited to cause a buffer overflow via a controlled "filename" parameter...

PJSUA API Buffer Overflow Vulnerability (CNVD-2022-14998)

Pjsua Api is an advanced Api for building Sip multimedia user agent applications, and a buffer overflow vulnerability exists in the PJSUA API, which can be exploited to cause a buffer overflow via a controlled "filename" parameter...

Ibexa Dxp 注入漏洞

Ibexa Dxp is a single technology stack digital experience platform from Ibexa Norway. Used to help B2B companies transform traditional sales strategies into frictionless buying experiences. A security vulnerability exists in Ibexa Dxp, which originated in Ibexa DXP ezsystems/ezpublish-kernel...

CVE-2021-43299

Stack overflow in PJSUA API when calling pjsuaplayercreate. An attacker-controlled 'filename' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation...

CVE-2021-43300

Stack overflow in PJSUA API when calling pjsuarecordercreate. An attacker-controlled 'filename' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation...

ALPINE-CVE-2021-43302

Read out-of-bounds in PJSUA API when calling pjsuarecordercreate. An attacker-controlled 'filename' argument may cause an out-of-bounds read when the filename is shorter than 4 characters...

CVE-2021-43302

Read out-of-bounds in PJSUA API when calling pjsuarecordercreate. An attacker-controlled 'filename' argument may cause an out-of-bounds read when the filename is shorter than 4 characters...

ALPINE-CVE-2021-43299

Stack overflow in PJSUA API when calling pjsuaplayercreate. An attacker-controlled 'filename' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation...

CVE-2021-43302

Read out-of-bounds in PJSUA API when calling pjsuarecordercreate. An attacker-controlled 'filename' argument may cause an out-of-bounds read when the filename is shorter than 4 characters...

CVE-2021-43299

Stack overflow in PJSUA API when calling pjsuaplayercreate. An attacker-controlled 'filename' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation...

DEBIAN-CVE-2021-43302

Read out-of-bounds in PJSUA API when calling pjsuarecordercreate. An attacker-controlled 'filename' argument may cause an out-of-bounds read when the filename is shorter than 4 characters...

DEBIAN-CVE-2021-43299

Stack overflow in PJSUA API when calling pjsuaplayercreate. An attacker-controlled 'filename' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation...

DEBIAN-CVE-2021-43300

Stack overflow in PJSUA API when calling pjsuarecordercreate. An attacker-controlled 'filename' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation...

ALPINE-CVE-2021-43300

Stack overflow in PJSUA API when calling pjsuarecordercreate. An attacker-controlled 'filename' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation...