243 matches found
CVE-2023-1187
A vulnerability was found in FabulaTech Webcam for Remote Desktop 2.8.42 and classified as problematic. This issue affects some unknown processing in the library ftwebcam.sys of the component Global Variable Handler. The manipulation leads to denial of service. It is possible to launch the attack...
CVE-2023-1187
FabulaTech Webcam for Remote Desktop (version 2.8.42) is affected by a vulnerability in the library ftwebcam.sys within the Global Variable Handler, causing a denial of service when exploited locally. The issue has public exploit visibility. Mitigation guidance from PT-2023-16808 and related sour...
CVE-2023-1187 FabulaTech Webcam for Remote Desktop Global Variable ftwebcam.sys denial of service
A vulnerability was found in FabulaTech Webcam for Remote Desktop 2.8.42 and classified as problematic. This issue affects some unknown processing in the library ftwebcam.sys of the component Global Variable Handler. The manipulation leads to denial of service. It is possible to launch the attack...
PT-2023-16808 · Fabulatech · Fabulatech Webcam For Remote Desktop
Name of the Vulnerable Software and Affected Versions: FabulaTech Webcam for Remote Desktop version 2.8.42 Description: A vulnerability was found in the library ftwebcam.sys of the component Global Variable Handler, which affects some unknown processing and leads to denial of service. The...
Missing Release of Memory after Effective Lifetime
DCMTK through 3.6.6 does not handle memory free properly. The malloced memory for storing all file information are recorded in a global variable LST and are not freed properly. Sending specific requests to the dcmqrdb program can incur a memory leak. An attacker can use it to launch a DoS attack...
Jenkins Global Variable String Parameter Plugin跨站脚本漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application software.A cross-site scripting vulnerabili...
GHSA-7RJV-Q3PP-WC4P Cross-site Scripting in Jenkins Global Variable String Parameter Plugin
Jenkins Global Variable String Parameter Plugin 1.2 and earlier does not escape the name and description of Global Variable String parameters on views displaying parameters. This results in stored cross-site scripting XSS vulnerabilities exploitable by attackers with Item/Configure permission...
Cross-site Scripting in Jenkins Global Variable String Parameter Plugin
Jenkins Global Variable String Parameter Plugin 1.2 and earlier does not escape the name and description of Global Variable String parameters on views displaying parameters. This results in stored cross-site scripting XSS vulnerabilities exploitable by attackers with Item/Configure permission...
CVE-2022-30962
Jenkins Global Variable String Parameter Plugin 1.2 and earlier does not escape the name and description of Global Variable String parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-30962
Jenkins Global Variable String Parameter Plugin 1.2 and earlier does not escape the name and description of Global Variable String parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-30962
Jenkins Global Variable String Parameter Plugin 1.2 and earlier does not escape the name and description of Global Variable String parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
Cross site scripting
Jenkins Global Variable String Parameter Plugin 1.2 and earlier does not escape the name and description of Global Variable String parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-30962
Jenkins Global Variable String Parameter Plugin 1.2 and earlier does not escape the name and description of Global Variable String parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-30962
CVE-2022-30962 affects Jenkins Global Variable String Parameter Plugin, version 1.2 and earlier. The vulnerability arises because the plugin does not escape the name and description of Global Variable String parameters on parameter-displaying views, leading to a stored XSS vulnerability. Exploita...
Jenkins Global Variable String Parameter Plugin 跨站脚本漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application software.A cross-site scripting vulnerabili...
PT-2022-20418 · Jenkins · Jenkins +1
Name of the Vulnerable Software and Affected Versions: Jenkins Global Variable String Parameter Plugin versions 1.2 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability, which is exploitable by attackers with Item/Configure permission. This occurs because...
Typo3 XSS Vulnerability
The page module in TYPO3 before 8.7.11 has XSS via $GLOBALS'TYPO3CONFVARS''SYS''sitename', as demonstrated by an admin entering a crafted site name during the installation process...
PT-2021-23377 · Dcmtk +5 · Dcmtk +5
Name of the Vulnerable Software and Affected Versions: DCMTK versions 3.6.6 and earlier Description: The issue is related to improper memory handling in the DCMTK library, specifically with the global variable LST, which records allocated memory for storing file information but does not free it...
D-Link DIR-2640-US 缓冲区错误漏洞
The D-Link DIR-2640-US is a smart AC2600 high power Wi-Fi Gigabit router. A buffer overflow vulnerability exists in the D-Link DIR-2640-US version 1.01B04. An attacker can exploit this vulnerability by overriding a global variable in a .bss segment to cause a process crash or change...
CVE-2020-25668
A flaw was found in Linux Kernel because access to the global variable fgconsole is not properly synchronized leading to a use after free in confontop...