Lucene search
+L

90 matches found

CNNVD
CNNVD
added 2023/09/11 12:0 a.m.5 views

Schoolmate SQL Injection Vulnerability

Schoolmate is a PHP/MySQL solution for elementary, middle and high schools by mrmunkey22 Individual Developer. A security vulnerability exists in Schoolmate version 1.3, which stems from a SQL injection vulnerability in the variable $schoolname in the header.php database...

9.8CVSS7.9AI score0.00629EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/09/11 12:0 a.m.9 views

PT-2023-27712 · Unknown · Schoolmate

Name of the Vulnerable Software and Affected Versions: Schoolmate version 1.3 Description: The issue concerns SQL Injection in the schoolname variable from the Database, located at header.php. This allows for potential exploitation. Recommendations: For Schoolmate version 1.3, consider restrictin...

9.8CVSS9.6AI score0.00629EPSS
Exploits1References3
OSV
OSV
added 2023/05/24 12:45 p.m.2 views

SUSE-SU-2023:2287-1 Security update for cups-filters, poppler, texlive

This update for cups-filters, poppler, texlive fixes the following issues: cups-filters: - CVE-2023-24805: Fixed a remote code execution in the beh backend bsc1211340. texlive: - CVE-2023-32700: Fixed arbitrary code execution in LuaTeX bsc1211389. poppler: - Added missing header file...

8.8CVSS8.6AI score0.03697EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 6:11 a.m.7 views

SUSE CVE-2007-2956

Stack-based buffer overflow in the readRadianceHeader function in 1 src/fileformat/rgbeio.cpp in pfstools 1.6.2 and 2 src/Fileformat/rgbeio.cpp in Qtpfsgui 1.8.11 allows remote attackers to execute arbitrary code via a crafted Radiance RGBE .hdr file...

6.8CVSS8.3AI score0.03881EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:5 a.m.3 views

SUSE CVE-2019-20378

ganglia-web aka Ganglia Web Frontend through 3.7.5 allows XSS via the header.php ce parameter...

7.1CVSS6.3AI score0.01014EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 3:52 a.m.3 views

SUSE CVE-2020-28008

Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the spool directory owned by a non-root user, an attacker can write to a /var/spool/exim4/input spool header file, in which a crafted recipient address can indirectly lead to command execution...

7.8CVSS8AI score0.00404EPSS
Exploits3References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:52 a.m.5 views

SUSE CVE-2020-28026

Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters, relevant in non-default configurations that enable Delivery Status Notification DSN. Certain uses of ORCPT= can place a newline into a spool header file, and indirectly allow unauthenticated remote attackers to execute arbitrary...

9.8CVSS8.5AI score0.09251EPSS
Exploits1References6
BDU FSTEC
BDU FSTEC
added 2023/01/18 12:0 a.m.12 views

Vulnerability of the SNC_io parser function <EW>: read_facet(), incident_volume(). Component: Nef_S2/SNC_io parser.h library, algorithm library for computational geometry CGAL. This allows an intruder to access confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of the SNCio parser function ::readfacet and fh-incidentvolume in the NefS2/SNCio parser component’s NefS2/SNCio parser.h file is related to unvalidated array indexing. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity...

10CVSS7.7AI score0.02256EPSS
Exploits1References8Affected Software3
OSV
OSV
added 2022/09/02 10:15 p.m.2 views

CVE-2022-36647

PKUVCL davs2 v1.6.205 was discovered to contain a global buffer overflow via the function parsesequenceheader at source/common/header.cc:269...

5.5CVSS6.1AI score0.00273EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/08/16 12:0 a.m.6 views

tifig 代码问题漏洞

tifig is a Monostream open source fast HEIF image converter for thumbnails. tifig v0.2.2 version of the code problem vulnerability , the vulnerability stems from its /bits/stlvector.h component in the std::vector ::size function has a memory segment exception...

5.5CVSS5.8AI score0.00287EPSS
Exploits1References2
Oracle linux
Oracle linux
added 2022/05/31 12:0 a.m.413 views

rsyslog security update

8.24.0-57.0.4.el79.3 - Newer gcc complains about implicit declaration of prctl. Added header file to quiesce the compiler 8.24.0-57.3 - Address CVE-2022-24903, Heap-based overflow in TCP syslog server resolves: rhbz2081395...

8.1CVSS2.1AI score0.03821EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2022/04/05 12:0 a.m.8 views

The vulnerability of the `pool_installable` function in the `src/repo.h` file of the Libsolv library allows a hacker to trigger a service failure.

The vulnerability of the poolinstallable function in the src/repo.h file of the Libsolv library is related to writing beyond buffer boundaries. Exploiting this vulnerability allows a remote attacker to cause service failure...

7.8CVSS7.1AI score0.01462EPSS
Exploits1References5Affected Software2
OSV
OSV
added 2021/08/02 7:15 p.m.4 views

UBUNTU-CVE-2021-33196

In archive/zip in Go before 1.15.13 and 1.16.x before 1.16.5, a crafted file count in an archive's header can cause a NewReader or OpenReader panic...

7.5CVSS6.7AI score0.03464EPSS
Exploits1References4
OSV
OSV
added 2021/05/04 1:30 p.m.4 views

UBUNTU-CVE-2020-28026

Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters, relevant in non-default configurations that enable Delivery Status Notification DSN. Certain uses of ORCPT= can place a newline into a spool header file, and indirectly allow unauthenticated remote attackers to execute arbitrary...

9.8CVSS7.2AI score0.09251EPSS
Exploits1References4
Fedora
Fedora
added 2021/04/26 12:27 a.m.35 views

[SECURITY] Fedora 34 Update: CImg-2.9.7-1.fc34

The CImg Library is an open-source C++ toolkit for image processing. It consists in a single header file 'CImg.h' providing a minimal set of C++ classes and methods that can be used in your own sources, to load/save, process and display images. Very portable, efficient and easy to use, it's a...

8.1CVSS0.9AI score0.01467EPSS
Exploits1
Fedora
Fedora
added 2021/04/19 5:51 p.m.48 views

[SECURITY] Fedora 32 Update: CImg-2.9.7-1.fc32

The CImg Library is an open-source C++ toolkit for image processing. It consists in a single header file 'CImg.h' providing a minimal set of C++ classes and methods that can be used in your own sources, to load/save, process and display images. Very portable, efficient and easy to use, it's a...

8.1CVSS0.9AI score0.01467EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2021/04/08 12:0 a.m.9 views

The vulnerabilities in the arch/s390/kvm/kvm-s390.c component, include/linux/kvm_host.h, and virt/kvm/kvm_main.c files of the Kernel-Based Virtual Machine (KVM) virtualization subsystem in Linux operating systems allow attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the arch/s390/kvm/kvm-s390.c component, include/linux/kvmhost.h, and virt/kvm/kvmmain.c file in the KVM virtualization subsystem of Linux operating systems is due to a buffer overflow issue. Exploiting this vulnerability could allow an attacker to compromise the...

7CVSS7AI score0.0032EPSS
Exploits0References5Affected Software2
Oracle linux
Oracle linux
added 2020/10/06 12:0 a.m.72 views

libssh2 security update

1.8.0-4 - fix integer overflow in SSHMSGDISCONNECT logic CVE-2019-17498 1.8.0-3 - sanitize public header file detected by rpmdiff 1.8.0-2 - fix integer overflow in keyboard interactive handling that allows out-of-bounds writes CVE-2019-3863 - fix out-of-bounds memory comparison with specially...

9.3CVSS2.2AI score0.09219EPSS
Exploits1
CNVD
CNVD
added 2020/03/23 12:0 a.m.3 views

Chadha PHPKB Cross-Site Scripting Vulnerability (CNVD-2020-17938)

Chadha Software Technologies PHPKB Standard Multi-Language is a web-based, multi-language knowledge base management system from Chadha Software Technologies, India. A reflected cross-site scripting vulnerability exists in admin/optimize-database.php in Chadha PHPKB Standard Multi-Language 9. The...

4.8CVSS6.1AI score0.00611EPSS
Exploits1References1
CNVD
CNVD
added 2020/03/13 12:0 a.m.4 views

Chadha Software Technologies PHPKB Standard Multi-Language Cross-Site Scripting Vulnerability (CNVD-2020-17957)

Chadha Software Technologies PHPKB Standard Multi-Language is a web-based, multi-language knowledge base management system from Chadha Software Technologies, India. A cross-site scripting vulnerability exists in the way URIs are handled in the admin/header.php file in Chadha Software Technologies...

4.8CVSS6.4AI score0.00611EPSS
Exploits1References1
Rows per page
Query Builder