53 matches found
EUVD-2018-21758
Termite 3.4 contains a buffer overflow vulnerability in the User interface language settings field that allows local attackers to cause a denial of service by supplying an excessively long string. Attackers can paste a 2000-byte payload into the Settings User interface language field to crash the...
CVE-2018-25253
Termite 3.4 contains a buffer overflow vulnerability in the User interface language settings field that allows local attackers to cause a denial of service by supplying an excessively long string. Attackers can paste a 2000-byte payload into the Settings User interface language field to crash the...
CVE-2018-25253
Termite 3.4 contains a buffer overflow vulnerability in the User interface language settings field that allows local attackers to cause a denial of service by supplying an excessively long string. Attackers can paste a 2000-byte payload into the Settings User interface language field to crash the...
CVE-2018-25253
Termite 3.4 contains a local denial-of-service vulnerability caused by a buffer overflow in the Settings -> User interface language settings field. A 2000-byte payload can crash the application, indicating a vulnerable input handling path in the UI language setting. The available sources descr...
Compuphase Termite Buffer Error Vulnerability
Compuphase Termite is a serial terminal tool developed by the Dutch company Compuphase. Version 3.4 of Compuphase Termite contains a buffer overflow vulnerability. This vulnerability stems from an issue with the user interface language settings field, which may lead to local attackers causing the...
EUVD-2011-4335
Malware in sbrugna...
EUVD-2023-51898
Malicious code in bioql PyPI...
EUVD-2023-24072
Malicious code in bioql PyPI...
CMSimple Cross-Site Scripting Vulnerability (CNVD-2026-00535)
CMSimple is a free content management system. A cross-site scripting vulnerability exists in CMSimple that stems from the Logout parameter in the Language section of the Settings menu not properly filtering user input. No details of the vulnerability are available at this time...
Improper Authorization
getkirby/cms is vulnerable to Improper Authorization. The vulnerability is due to the insufficient permission checks in the language settings. An attacker with Panel access can manipulate language definitions by exploiting these missing checks...
Kirby has insufficient permission checks in the language settings
TL;DR This vulnerability affects all Kirby sites with enabled languages option that might have potential attackers in the group of authenticated Panel users. If you have disabled the languages and/or api option and don't call any methods in your code that cause a write access to languages languag...
GHSA-JM9M-RQR3-WFMH Kirby has insufficient permission checks in the language settings
TL;DR This vulnerability affects all Kirby sites with enabled languages option that might have potential attackers in the group of authenticated Panel users. If you have disabled the languages and/or api option and don't call any methods in your code that cause a write access to languages languag...
CVE-2024-41964 Insufficient permission checks in the language settings in Kirby CMS
Kirby is a CMS targeting designers and editors. Kirby allows restricting the permissions of specific user roles. Users of that role can only perform permitted actions. Permissions for creating and deleting languages have already existed and could be configured, but were not enforced by Kirby's...
Kirby Security Vulnerability
Kirby is a file-based content management system (CMS) from Kirby Open Source. A security vulnerability exists in Kirby that stems from insufficient permission checking in the language settings, allowing an attacker with Panel access to manipulate the language definitions...
CVE-2023-47803
A vulnerability regarding improper limitation of a pathname to a restricted directory 'Path Traversal' is found in the Language Settings functionality. This allows remote attackers to read specific files containing non-sensitive information via unspecified vectors. The following models with...
CVE-2023-47803
A vulnerability regarding improper limitation of a pathname to a restricted directory 'Path Traversal' is found in the Language Settings functionality. This allows remote attackers to read specific files containing non-sensitive information via unspecified vectors. The following models with...
CVE-2023-47803
CVE-2023-47803 describes a path traversal vulnerability in Synology Camera firmware. Affected models BC500 and TC500 with firmware versions before 1.0.7-0298 may allow remote attackers to read files containing non-sensitive information via unspecified vectors through the Language Settings functio...
CVE-2023-47803
A vulnerability regarding improper limitation of a pathname to a restricted directory 'Path Traversal' is found in the Language Settings functionality. This allows remote attackers to read specific files containing non-sensitive information via unspecified vectors. The following models with...
CVE-2023-47803
A vulnerability regarding improper limitation of a pathname to a restricted directory 'Path Traversal' is found in the Language Settings functionality. This allows remote attackers to read specific files containing non-sensitive information via unspecified vectors. The following models with...
LODEINFO Fileless Malware Evolves with Anti-Analysis and Remote Code Tricks
Cybersecurity researchers have uncovered an updated version of a backdoor called LODEINFO that's distributed via spear-phishing attacks. The findings come from Japanese company ITOCHU Cyber & Intelligence, which said the malware "has been updated with new features, as well as changes to the...