254 matches found
Information disclosure
A vulnerability was found in ks-soft Advanced Host Monitor up to 12.56 and classified as problematic. Affected by this issue is some unknown functionality of the file C:\Program Files x86\HostMonitor\RMA-Win\rmaactive.exe. The manipulation leads to unquoted search path. It is possible to launch t...
Design/Logic Flaw
A vulnerability, which was classified as problematic, was found in InternalError503 Forget It up to 1.3. This affects an unknown part of the file js/settings.js. The manipulation of the argument setForgetTime with the input 0 leads to infinite loop. It is possible to launch the attack on the loca...
CVE-2015-10103
CVE-2015-10103 affects InternalError503 Forget It up to version 1.3. The vulnerability resides in js/settings.js where manipulating the setForgetTime argument with input 0 leads to an infinite loop, enabling a local attack vector. Upgrading to version 1.4 addresses this issue; the patch is identi...
CVE-2023-2091
A vulnerability classified as critical was found in KylinSoft youker-assistant on KylinOS. Affected by this vulnerability is the function adjustcpufreqscalinggoverner. The manipulation leads to os command injection. It is possible to launch the attack on the local host. The exploit has been...
CVE-2023-1627
A vulnerability was found in Jianming Antivirus 16.2.2022.418. It has been rated as problematic. This issue affects some unknown processing in the library kvcore.sys of the component IoControlCode Handler. The manipulation leads to denial of service. It is possible to launch the attack on the loc...
CVE-2023-1627
A vulnerability was found in Jianming Antivirus 16.2.2022.418. It has been rated as problematic. This issue affects some unknown processing in the library kvcore.sys of the component IoControlCode Handler. The manipulation leads to denial of service. It is possible to launch the attack on the loc...
CVE-2023-1572
A vulnerability has been found in DataGear up to 1.11.1 and classified as problematic. This vulnerability affects unknown code of the component Plugin Handler. The manipulation leads to cross site scripting. It is possible to launch the attack on the local host. The exploit has been disclosed to...
Cross site scripting
A vulnerability has been found in DataGear up to 1.11.1 and classified as problematic. This vulnerability affects unknown code of the component Plugin Handler. The manipulation leads to cross site scripting. It is possible to launch the attack on the local host. The exploit has been disclosed to...
CVE-2023-1572 DataGear Plugin cross site scripting
A vulnerability has been found in DataGear up to 1.11.1 and classified as problematic. This vulnerability affects unknown code of the component Plugin Handler. The manipulation leads to cross site scripting. It is possible to launch the attack on the local host. The exploit has been disclosed to...
Double free
A vulnerability has been found in GPAC 2.3-DEV-rev35-gbbca86917-master and classified as problematic. This vulnerability affects the function gfav1resetstate of the file mediatools/avparsers.c. The manipulation leads to double free. It is possible to launch the attack on the local host. The explo...
Design/Logic Flaw
A vulnerability was found in FabulaTech Webcam for Remote Desktop 2.8.42 and classified as problematic. This issue affects some unknown processing in the library ftwebcam.sys of the component Global Variable Handler. The manipulation leads to denial of service. It is possible to launch the attack...
CVE-2022-4772
CVE-2022-4772 affects Widoco: the unZipIt function in WidocoUtils.java is vulnerable to path traversal, enabling local-host exploitation. Exploitation relies on unzipping crafted input to escape the target directory, with impact described as high on confidentiality, integrity, and availability in...
CVE-2017-20066 Adminer Login access control
A vulnerability has been found in Adminer Login 1.4.4 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to improper access controls. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used...
CVE-2020-36548 GE Voluson S8 Service Browser users.cgi improper authentication
A vulnerability classified as problematic has been found in GE Voluson S8. Affected is the file /uscgi-bin/users.cgi of the Service Browser. The manipulation leads to improper authentication and elevated access possibilities. It is possible to launch the attack on the local host...