
454 matches found

Debian CVE
added 2026/06/12 2:16 p.m. | 9 views

CVE-2026-45673

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's DNS resolver uses a predictable PRNG for generating DNS transaction IDs and defaults to a static UDP source port. This combination reduces the entrop...

CVSS 6.8 | AI score 5.2 | EPSS 0.00256
Exploits 0

RedhatCVE
added 2026/06/05 7:26 p.m. | 8 views

CVE-2026-39410

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.12, a discrepancy between browser cookie parsing and parse handling allows cookie prefix protections to be bypassed. Cookie names that are treated as distinct by the browser may be normalized to th...

CVSS 4.8 | AI score 5.4 | EPSS 0.00284
Exploits 0 | References 1

RedhatCVE
added 2026/06/05 7:14 p.m. | 10 views

CVE-2026-37525

AGL app-framework-binder afb-daemon through v19.90.0 contains a privilege escalation vulnerability in the supervision Do command. The on_supervision_call function in src/afb-supervision.c explicitly nullifies the request credentials by calling afb_context_change_cred(&xreq->context, NULL) before...

CVSS 7.8 | AI score 5.7 | EPSS 0.00138
Exploits 0 | References 1

ATTACKERKB
added 2026/05/01 12:0 a.m. | 4 views

CVE-2026-37525

AGL app-framework-binder afb-daemon through v19.90.0 contains a privilege escalation vulnerability in the supervision Do command. The on_supervision_call function in src/afb-supervision.c explicitly nullifies the request credentials by calling afb_context_change_cred(&xreq->context, NULL) before...

CVSS 7.8 | AI score 5.9 | EPSS 0.00138
Exploits 0 | References 3

CVE
added 2026/05/01 12:0 a.m. | 12 views

CVE-2026-37525

The CVE-2026-37525 entry concerns the AGL app-framework-binder (afb-daemon) up to v19.90.0. The vulnerability resides in the supervision Do command: the on_supervision_call path explicitly nullifies credentials via afb_context_change_cred(&xreq->context, NULL) before dispatching an attacker-co...

CVSS 7.8 | AI score 5.9 | EPSS 0.00138
Exploits 0 | References 2 | Affected Software 1

CNNVD
added 2026/04/21 12:0 a.m. | 9 views

Oracle Application Development Framework security vulnerability

The Oracle Application Development Framework is an enterprise-level application development framework developed by Oracle, a company in the United States. Versions 12.2.1.4.0 and 14.1.2.0.0.0 of the Oracle Application Development Framework contain security vulnerabilities. These vulnerabilities...

CVSS 7.8 | AI score 7.2 | EPSS 0.00111
Exploits 0 | References 2

Cvelist
added 2026/02/06 4:41 p.m. | 27 views

CVE-2019-25266 Wondershare Application Framework Service 2.4.3.231 - 'WsAppService' Unquote Service Path

Wondershare Application Framework Service 2.4.3.231 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted service path by placing malicious executables in specific directory...

CVSS 8.5 | EPSS 0.00129
Exploits 0 | References 4

EUVD
added 2026/02/06 4:41 p.m. | 5 views

EUVD-2019-19407

Wondershare Application Framework Service 2.4.3.231 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted service path by placing malicious executables in specific directory...

CVSS 8.5 | AI score 6.1 | EPSS 0.00129
Exploits 0 | References 4

CVE
added 2026/02/06 4:41 p.m. | 11 views

CVE-2019-25266

Wundersoft Wondershare Application Framework Service 2.4.3.231 is affected by an unquoted service path vulnerability that can let local attackers execute arbitrary code with elevated privileges by placing a malicious executable in specific directories to hijack the service’s execution context. Af...

CVSS 8.5 | AI score 6.1 | EPSS 0.00129
Exploits 0 | References 4

CVE
added 2026/02/01 2:38 p.m. | 10 views

CVE-2020-37048

Iskysoft Application Framework Service 2.4.3.241 is affected by an unquoted service path vulnerability (IsAppService). The vulnerability arises from an unquoted service executable path in the service configuration, enabling local attackers to insert a malicious executable that runs with the servi...

CVSS 8.5 | AI score 6.2 | EPSS 0.0015
Exploits 0 | References 3

RedhatCVE
added 2026/01/21 10:24 p.m. | 3 views

CVE-2026-21924

Vulnerability in the Oracle Utilities Application Framework product of Oracle Utilities Applications component: General. Supported versions that are affected are 4.4.0.3.0, 4.5.0.0.0, 4.5.0.1.1, 4.5.0.1.3, 4.5.0.2.0, 25.4 and 25.10. Easily exploitable vulnerability allows low privileged attacker...

CVSS 5.4 | AI score 5.4 | EPSS 0.0018
Exploits 0 | References 1

EUVD
added 2026/01/21 12:31 a.m. | 4 views

EUVD-2026-3585

Vulnerability in the Oracle Utilities Application Framework product of Oracle Utilities Applications component: General. Supported versions that are affected are 4.4.0.3.0, 4.5.0.0.0, 4.5.0.1.1, 4.5.0.1.3, 4.5.0.2.0, 25.4 and 25.10. Easily exploitable vulnerability allows low privileged attacker...

CVSS 5.4 | AI score 5.5 | EPSS 0.0018
Exploits 0 | References 2

Positive Technologies
added 2026/01/20 12:0 a.m. | 4 views

PT-2026-3674

Name of the Vulnerable Software and Affected Versions: Oracle Utilities Application Framework versions 4.4.0.3.0 through 4.5.0.2.0; Oracle Utilities Application Framework versions 25.4 and 25.10. Description: A flaw exists within the Oracle Utilities Application Framework component of Oracle Utilitie...

CVSS 5.4 | AI score 7.3 | EPSS 0.0018
Exploits 0 | References 3

RedhatCVE
added 2025/11/12 6:59 a.m. | 12 views

CVE-2025-5718

The ACAP Application framework could allow privilege escalation through a symlink attack. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP...

CVSS 6.8 | AI score 7 | EPSS 0.00303
Exploits 0 | References 1

EUVD
added 2025/11/11 9:30 a.m. | 5 views

EUVD-2025-74044

The ACAP Application framework could allow privilege escalation through a symlink attack. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP...

CVSS 6.8 | AI score 6.5 | EPSS 0.00303
Exploits 0 | References 2

CVE
added 2025/11/11 6:52 a.m. | 15 views

CVE-2025-5718

The CVE-2025-5718 issue concerns the Axis ACAP Application framework on Axis OS devices. It describes a privilege-escalation vulnerability via a symbolic-link (symlink) attack, exploitable only if the device is configured to allow unsigned ACAP applications and an attacker persuades a user to ins...

CVSS 6.8 | AI score 6.6 | EPSS 0.00303
Exploits 0 | References 1 | Affected Software 1

Vulnrichment
added 2025/11/11 6:52 a.m. | 3 views

CVE-2025-5718

The ACAP Application framework could allow privilege escalation through a symlink attack. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP...

CVSS 6.8 | AI score 6.6 | EPSS 0.00303
Exploits 0 | References 1

Cvelist
added 2025/11/11 6:52 a.m. | 9 views

CVE-2025-5718

The ACAP Application framework could allow privilege escalation through a symlink attack. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP...

CVSS 6.8 | EPSS 0.00303
Exploits 0 | References 1

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2020-24508

Malware in sbrugna...

CVSS 6.3 | AI score 6.5 | EPSS 0.00351
Exploits 0 | References 2

EUVD
added 2025/10/07 12:30 a.m. | 13 views

EUVD-2010-1752

Malware in sbrugna...

CVSS 6.8 | AI score 6.1 | EPSS 0.00524
Exploits 0 | References 3