Lucene search
+L

243 matches found

nvd
nvd
added 2023/03/06 8:15 a.m.11 views

CVE-2023-1187

A vulnerability was found in FabulaTech Webcam for Remote Desktop 2.8.42 and classified as problematic. This issue affects some unknown processing in the library ftwebcam.sys of the component Global Variable Handler. The manipulation leads to denial of service. It is possible to launch the attack...

5.5CVSS4.5AI score0.00366EPSS
Exploits1References3
cve
cve
added 2023/03/06 7:9 a.m.56 views

CVE-2023-1187

FabulaTech Webcam for Remote Desktop (version 2.8.42) is affected by a vulnerability in the library ftwebcam.sys within the Global Variable Handler, causing a denial of service when exploited locally. The issue has public exploit visibility. Mitigation guidance from PT-2023-16808 and related sour...

5.5CVSS4.7AI score0.00366EPSS
Exploits1References3Affected Software1
cvelist
cvelist
added 2023/03/06 7:9 a.m.19 views

CVE-2023-1187 FabulaTech Webcam for Remote Desktop Global Variable ftwebcam.sys denial of service

A vulnerability was found in FabulaTech Webcam for Remote Desktop 2.8.42 and classified as problematic. This issue affects some unknown processing in the library ftwebcam.sys of the component Global Variable Handler. The manipulation leads to denial of service. It is possible to launch the attack...

3.3CVSS5.8AI score0.00366EPSS
Exploits1References3
ptsecurity
ptsecurity
added 2023/03/06 12:0 a.m.4 views

PT-2023-16808 · Fabulatech · Fabulatech Webcam For Remote Desktop

Name of the Vulnerable Software and Affected Versions: FabulaTech Webcam for Remote Desktop version 2.8.42 Description: A vulnerability was found in the library ftwebcam.sys of the component Global Variable Handler, which affects some unknown processing and leads to denial of service. The...

5.5CVSS7.1AI score0.00366EPSS
Exploits1References6
gitlab
gitlab
added 2022/06/28 12:0 a.m.30 views

Missing Release of Memory after Effective Lifetime

DCMTK through 3.6.6 does not handle memory free properly. The malloced memory for storing all file information are recorded in a global variable LST and are not freed properly. Sending specific requests to the dcmqrdb program can incur a memory leak. An attacker can use it to launch a DoS attack...

7.5CVSS2AI score0.01633EPSS
Exploits0References3Affected Software1
cnvd
cnvd
added 2022/05/19 12:0 a.m.11 views

Jenkins Global Variable String Parameter Plugin跨站脚本漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application software.A cross-site scripting vulnerabili...

5.4CVSS1.4AI score0.00715EPSS
Exploits0References1
osv
osv
added 2022/05/18 12:0 a.m.20 views

GHSA-7RJV-Q3PP-WC4P Cross-site Scripting in Jenkins Global Variable String Parameter Plugin

Jenkins Global Variable String Parameter Plugin 1.2 and earlier does not escape the name and description of Global Variable String parameters on views displaying parameters. This results in stored cross-site scripting XSS vulnerabilities exploitable by attackers with Item/Configure permission...

8CVSS5.9AI score0.00715EPSS
Exploits0References3
github
github
added 2022/05/18 12:0 a.m.32 views

Cross-site Scripting in Jenkins Global Variable String Parameter Plugin

Jenkins Global Variable String Parameter Plugin 1.2 and earlier does not escape the name and description of Global Variable String parameters on views displaying parameters. This results in stored cross-site scripting XSS vulnerabilities exploitable by attackers with Item/Configure permission...

5.4CVSS5.8AI score0.00715EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2022/05/17 3:15 p.m.3 views

CVE-2022-30962

Jenkins Global Variable String Parameter Plugin 1.2 and earlier does not escape the name and description of Global Variable String parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

5.4CVSS6AI score0.00715EPSS
Exploits0References2
osv
osv
added 2022/05/17 3:15 p.m.4 views

CVE-2022-30962

Jenkins Global Variable String Parameter Plugin 1.2 and earlier does not escape the name and description of Global Variable String parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

5.4CVSS5.7AI score0.00715EPSS
Exploits0References1
nvd
nvd
added 2022/05/17 3:15 p.m.28 views

CVE-2022-30962

Jenkins Global Variable String Parameter Plugin 1.2 and earlier does not escape the name and description of Global Variable String parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

5.4CVSS0.00715EPSS
Exploits0References1
prion
prion
added 2022/05/17 3:15 p.m.27 views

Cross site scripting

Jenkins Global Variable String Parameter Plugin 1.2 and earlier does not escape the name and description of Global Variable String parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

3.5CVSS5.3AI score0.00715EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2022/05/17 2:6 p.m.34 views

CVE-2022-30962

Jenkins Global Variable String Parameter Plugin 1.2 and earlier does not escape the name and description of Global Variable String parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

5.8AI score0.00715EPSS
Exploits0References1
cve
cve
added 2022/05/17 2:6 p.m.115 views

CVE-2022-30962

CVE-2022-30962 affects Jenkins Global Variable String Parameter Plugin, version 1.2 and earlier. The vulnerability arises because the plugin does not escape the name and description of Global Variable String parameters on parameter-displaying views, leading to a stored XSS vulnerability. Exploita...

5.4CVSS5.4AI score0.00715EPSS
Exploits0References1Affected Software1
cnnvd
cnnvd
added 2022/05/17 12:0 a.m.5 views

Jenkins Global Variable String Parameter Plugin 跨站脚本漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application software.A cross-site scripting vulnerabili...

5.4CVSS5.4AI score0.00715EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2022/05/17 12:0 a.m.4 views

PT-2022-20418 · Jenkins · Jenkins +1

Name of the Vulnerable Software and Affected Versions: Jenkins Global Variable String Parameter Plugin versions 1.2 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability, which is exploitable by attackers with Item/Configure permission. This occurs because...

8CVSS5.7AI score0.00715EPSS
Exploits0References6
github
github
added 2022/05/14 3:25 a.m.30 views

Typo3 XSS Vulnerability

The page module in TYPO3 before 8.7.11 has XSS via $GLOBALS'TYPO3CONFVARS''SYS''sitename', as demonstrated by an admin entering a crafted site name during the installation process...

4.8CVSS6.1AI score0.02295EPSS
Exploits1References6Affected Software1
ptsecurity
ptsecurity
added 2021/07/16 12:0 a.m.5 views

PT-2021-23377 · Dcmtk +5 · Dcmtk +5

Name of the Vulnerable Software and Affected Versions: DCMTK versions 3.6.6 and earlier Description: The issue is related to improper memory handling in the DCMTK library, specifically with the global variable LST, which records allocated memory for storing file information but does not free it...

9.8CVSS6.9AI score0.07629EPSS
Exploits10References87
cnnvd
cnnvd
added 2021/06/16 12:0 a.m.4 views

D-Link DIR-2640-US 缓冲区错误漏洞

The D-Link DIR-2640-US is a smart AC2600 high power Wi-Fi Gigabit router. A buffer overflow vulnerability exists in the D-Link DIR-2640-US version 1.01B04. An attacker can exploit this vulnerability by overriding a global variable in a .bss segment to cause a process crash or change...

7.1CVSS6AI score0.0054EPSS
Exploits1References4
nvd
nvd
added 2021/05/26 12:15 p.m.23 views

CVE-2020-25668

A flaw was found in Linux Kernel because access to the global variable fgconsole is not properly synchronized leading to a use after free in confontop...

7CVSS0.01026EPSS
Exploits1References9
Rows per page
Query Builder