
86 matches found

Positive Technologies
added 2024/11/07 12:0 a.m. · 3 views

PT-2024-16671 · Unknown · 1000 Projects Bookstore Management System

Name of the Vulnerable Software and Affected Versions: 1000 Projects Bookstore Management System version 1.0 Description: A critical issue has been found in the 1000 Projects Bookstore Management System, affecting an unknown functionality of the file /contact process.php. The manipulation of the...

9.8 CVSS · 8.4 AI score · 0.00663 EPSS
Exploits 1 · References 9
RedHat Linux
added 2024/08/08 4:44 a.m. · 3 views

kernel: net: fix information leakage in /proc/net/ptype

In the Linux kernel, the following vulnerability has been resolved: net: fix information leakage in /proc/net/ptype In one net namespace, after creating a packet socket without binding it to a device, users in other net namespaces can observe the new packettype added by this packet socket by...

7.1 CVSS · 6.8 AI score · 0.00222 EPSS
Exploits 0 · References 5
OSV
added 2024/07/09 8:15 p.m. · 3 views

CVE-2024-37872

SQL injection vulnerability in process.php in Itsourcecode Billing System in PHP 1.0 allows remote attackers to execute arbitrary SQL commands via the username parameter...

8.1 CVSS · 6.1 AI score · 0.00543 EPSS
Exploits 1 · References 1
Positive Technologies
added 2024/06/13 12:0 a.m. · 5 views

PT-2024-27783 · Unknown · Itsourcecode Billing System

Name of the Vulnerable Software and Affected Versions: itsourcecode Billing System version 1.0 Description: A SQL Injection issue allows a local attacker to execute arbitrary code in process.php via the username parameter. Recommendations: For itsourcecode Billing System version 1.0, consider...

9.8 CVSS · 9 AI score · 0.00726 EPSS
Exploits 1 · References 4
Positive Technologies
added 2024/04/09 12:0 a.m. · 6 views

PT-2024-26403 · Unknown · Campcodes Online Event Management System

Name of the Vulnerable Software and Affected Versions: Campcodes Online Event Management System version 1.0 Description: A problematic issue has been found in the system, affecting the processing of the file /views/process.php. The manipulation of the name argument leads to cross-site scripting...

5.4 CVSS · 4.3 AI score · 0.00494 EPSS
Exploits 1 · References 7
CNNVD
added 2024/01/08 12:0 a.m. · 5 views

Kashipara Dynamic Lab Management System SQL Injection Vulnerability

Kashipara Dynamic Lab Management System is a dynamic lab management system from Kashipara. A SQL injection vulnerability exists in Kashipara Dynamic Lab Management System 1.0 and earlier versions, which originates from a SQL injection vulnerability in the file loginprocess.php...

7.5 CVSS · 7.9 AI score · 0.00733 EPSS
Exploits 1 · References 4
CNNVD
added 2023/12/25 12:0 a.m. · 5 views

ILIAS Security Vulnerabilities

ILIAS is an open source learning management system. A security vulnerability exists in ILIAS versions prior to 7.23 and prior to 8.3, which stems from a workflow-engine vulnerability that allows an attacker to run arbitrary system commands on an application server as an application user via a...

7.2 CVSS · 7 AI score · 0.00791 EPSS
Exploits 0 · References 2
CNNVD
added 2023/08/02 12:0 a.m. · 5 views

procps buffer error vulnerability

procps is the procps-ng open source command line and full screen utility for browsing procfs. A security vulnerability exists in procps that stems from allowing a user with the right to run the procps program on a computer to write a virtually unlimited amount of unfiltered data to the process he...

3.3 CVSS · 6.9 AI score · 0.00239 EPSS
Exploits 0 · References 6
CNNVD
added 2023/05/09 12:0 a.m. · 5 views

Catdoc Security Vulnerability

Catdoc is a program that reads MS-Word files and prints them readably, by Pete Warden, an individual developer in the United States. A security vulnerability exists in Catdoc version v0.95, which stems from the function processfile in /src/reader.c containing a global buffer overflow...

7.8 CVSS · 7.7 AI score · 0.00277 EPSS
Exploits 1 · References 3
SUSE CVE
added 2023/02/15 4:59 a.m. · 6 views

SUSE CVE-2016-6234

The processfile function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service crash via a crafted jpeg file...

5.5 CVSS · 6.7 AI score · 0.00871 EPSS
Exploits 0 · References 3
RedHat Linux
added 2022/11/21 4:21 p.m. · 6 views

Mozilla: Symlinks may resolve to partially uninitialized buffers

The Mozilla Foundation Security Advisory describes this flaw as: When resolving a symlink such as file:///proc/self/fd/1, an error message may be produced where the symlink was resolved to a string containing uninitialized memory in the buffer...

8.8 CVSS · 7.2 AI score · 0.00789 EPSS
Exploits 0 · References 6
RedHat Linux
added 2022/11/21 12:52 p.m. · 5 views

Mozilla: Symlinks may resolve to partially uninitialized buffers

The Mozilla Foundation Security Advisory describes this flaw as: When resolving a symlink such as file:///proc/self/fd/1, an error message may be produced where the symlink was resolved to a string containing uninitialized memory in the buffer...

8.8 CVSS · 7.2 AI score · 0.00789 EPSS
Exploits 0 · References 6
RedHat Linux
added 2022/11/21 12:51 p.m. · 4 views

Mozilla: Symlinks may resolve to partially uninitialized buffers

The Mozilla Foundation Security Advisory describes this flaw as: When resolving a symlink such as file:///proc/self/fd/1, an error message may be produced where the symlink was resolved to a string containing uninitialized memory in the buffer...

8.8 CVSS · 7.2 AI score · 0.00789 EPSS
Exploits 0 · References 6
RedHat Linux
added 2022/11/21 12:37 p.m. · 5 views

Mozilla: Symlinks may resolve to partially uninitialized buffers

The Mozilla Foundation Security Advisory describes this flaw as: When resolving a symlink such as file:///proc/self/fd/1, an error message may be produced where the symlink was resolved to a string containing uninitialized memory in the buffer...

8.8 CVSS · 7.2 AI score · 0.00789 EPSS
Exploits 0 · References 6
Tenable Nessus
added 2022/09/06 12:0 a.m. · 36 views

Amazon Linux 2022 : polkit, polkit-devel, polkit-libs (ALAS2022-2022-102)

It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-102 advisory. There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE:...

5.5 CVSS · 6.6 AI score · 0.0053 EPSS
Exploits 1 · References 3
Tenable Nessus
added 2022/07/29 12:0 a.m. · 23 views

EulerOS Virtualization 2.9.0 : polkit (EulerOS-SA-2022-2206)

According to the versions of the polkit packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustio...

5.5 CVSS · 6.6 AI score · 0.0053 EPSS
Exploits 1 · References 2
Tenable Nessus
added 2022/07/15 12:0 a.m. · 50 views

EulerOS Virtualization 2.10.0 : polkit (EulerOS-SA-2022-2033)

According to the versions of the polkit packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed...

7.8 CVSS · 7.9 AI score · 0.94921 EPSS
Exploits 152 · References 3
OpenVAS
added 2022/07/14 12:0 a.m. · 24 views

Huawei EulerOS: Security Advisory for polkit (EulerOS-SA-2022-2061)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8 CVSS · 7.7 AI score · 0.94921 EPSS
Exploits 152 · References 4
ATTACKERKB
added 2022/07/07 7:15 p.m. · 1 views

CVE-2022-32056

Online Accreditation Management v1.0 was discovered to contain a SQL injection vulnerability via the USERNAME parameter at process.php...

9.8 CVSS · 8.9 AI score · 0.0102 EPSS
Exploits 1 · References 2
Tenable Nessus
added 2022/06/15 12:0 a.m. · 33 views

EulerOS 2.0 SP9 : polkit (EulerOS-SA-2022-1850)

According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest...

5.5 CVSS · 6.7 AI score · 0.0053 EPSS
Exploits 1 · References 2