Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/28 1:46 p.m.27 views

CVE-2025-40663

Stored Cross-Site Scripting XSS vulnerability in i2A-Cronos version 23.02.01.17, from i2A. It allows an authenticated attacker to upload a malicious SVG image into the user's personal space in /CronosWeb/Modules/Persons/PersonalDocuments/PersonalDocuments. There is no reported fix at this time...

5.1CVSS5.5AI score0.003EPSS
Exploits0References1
CVE
CVE
added 2025/05/26 12:55 p.m.53 views

CVE-2025-40663

CVE-2025-40663 describes a Stored Cross-Site Scripting (XSS) vulnerability in i2A-Cronos v23.02.01.17 (i2A). An authenticated attacker can upload a malicious SVG image into a user’s personal space at /CronosWeb/Modules/Persons/PersonalDocuments/PersonalDocuments, leading to script execution withi...

5.1CVSS5.2AI score0.003EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/04/01 12:0 a.m.5 views

PT-2024-18893 · Kernel · Kernel

Name of the Vulnerable Software and Affected Versions: Kernel affected versions not specified Description: The issue is related to memory corruption in the Kernel while handling GPU operations. Recommendations: At the moment, there is no information about a newer version that contains a fix for...

8.4CVSS6.7AI score0.00111EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/06/05 12:0 a.m.2 views

PT-2023-35859 · Git +1 · Harfbuzz

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type identified as Invalid-free. The crash state involves several function calls, including hb free impl, OT::glyf:: free...

6.9AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/09/09 12:0 a.m.5 views

PT-2022-23645 · Samsung · Libsdkrecognitiontext.Spensdk.Samsung.So

Name of the Vulnerable Software and Affected Versions: libSDKRecognitionText.spensdk.samsung.so library affected versions not specified Description: A heap-based overflow vulnerability in the PrepareRecogLibrary Part function allows an attacker to cause a memory access fault. The issue is present...

7.8CVSS7.4AI score0.00101EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2018/10/24 12:0 a.m.4 views

PT-2018-14549 · D Link · Dsl-2640T

Name of the Vulnerable Software and Affected Versions: D-link DSL-2640T routers affected versions not specified Description: A security issue exists in the cgi-bin/webcm component of D-link DSL-2640T routers, where an XSS attack can be performed via the var:RelaodHref or var:conid parameter...

6.1CVSS6AI score0.01327EPSS
Exploits1References3
Rows per page
Query Builder