11 matches found
CVE-2026-23847
SiYuan is a personal knowledge management system. Versions prior to 3.5.4 are vulnerable to reflected cross-site scripting in /api/icon/getDynamicIcon due to unsanitized SVG input. The endpoint generates SVG images for text icons type=8. The content query parameter is inserted directly into the S...
OpenSSL Toolkit 3.5.4
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. This is the 3.5 LTS release...
Etcd v3.5.4 allows remote attackers to cause a denial of service via function PageWriter.write in pagewriter.go. NOTE: the vendor's position is that this is not a vulnerability.
...
CVE-2022-35452
OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b0b2c...
Bachmann Visutec GmbH Atvise 安全漏洞
Bachmann Visutec GmbH Atvise is a full-featured networked HMI and SCADA system using pure network technology from Bachmann Visutec GmbH of Austria. A security vulnerability exists in Bachmann Visutec GmbH Atvise versions 3.5.4, 3.6, and 3.7 that stems from an information disclosure issue in the...
CVE-2022-22354
creationtimestamp| type| source ---|---|--- 2022-03-14 19:18:23+00:00| seen| https://t.me/cibsecurity/38893...
phpList cross-site scripting vulnerability (CNVD-2020-38221)
phpList is an open source newsletter and email marketing software from phpList UK. A cross-site scripting vulnerability exists in the /lists/admin/user.php and /lists/admin/users.php files in versions of phpList prior to 3.5.4. The vulnerability stems from a lack of proper validation of client-si...
3CX Phone System Directory Traversal Vulnerability
3CX Phone System is a unified communications solution that includes web conferencing, IP telephony, and cell phone clients.Management Console is one of the management console programs. A directory traversal vulnerability exists in Management Console in 3CX Phone System version 15.5.3554.1. An...
The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the kdelibs-3.5.4 package for the Red Hat Enterprise Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...
DEBIAN-CVE-2013-1827
net/dccp/ccid.h in the Linux kernel before 3.5.4 allows local users to gain privileges or cause a denial of service NULL pointer dereference and system crash by leveraging the CAPNETADMIN capability for a certain 1 sender or 2 receiver getsockopt call...
Firefox crashes with evidence of memory corruption
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors...