CVE-2026-57278
GeoWebPlayer (Web Plugin/WS Player) vulnerable to a stack-based buffer overflow in the connectInfo handler, specifically in the ip field (conn_info.ip_or_host) with unbounded JSON input. TALOS confirms multiple CVEs in the same connectInfo codepath, including potential arbitrary code execution in...
EUVD-2026-41240
GeoWebPlayer, also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud, is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...
CVE-2026-57277
CVE-2026-57277 affects the connectInfo handler of the GeoVision GeoWebPlayer (Web Plugin/WS Player) Websocket Server. The vulnerability is a stack-based buffer overflow in the key field (buffer key_blob[17]), caused by copying attacker-controlled JSON fields into fixed-size buffers without prop...
EUVD-2026-40351
Vibe-Trading before 0.1.10 builds the proposal file path by joining a caller-supplied proposal identifier onto the broker proposals directory without sanitization in agent/src/live/mandate/commit.py. A proposal identifier containing path traversal sequences causes the application to load an...
EUVD-2026-24583
facil.io is a C micro-framework for web applications. Prior to commit 5128747363055201d3ecf0e29bf0a961703c9fa0, fiojsonparse can enter an infinite loop when it encounters a nested JSON value starting with i or I. The process spins in user space and pegs one CPU core at 100% instead of returning a...
CVE-2023-7334
Changjetong T+ versions up to and including 16.x contain a .NET deserialization vulnerability in an AjaxPro endpoint that can lead to remote code execution. A remote attacker can send a crafted request to /tplus/ajaxpro/Ufida.T.CodeBehind.PriorityLevel,AppCode.ashx?method=GetStoreWarehouseByStore...
Input validation
Jenkins Squash TM Publisher Squash4Jenkins Plugin 1.0.0 and earlier implements an agent-to-controller message that does not implement any validation of its input, allowing attackers able to control agent processes to replace arbitrary files on the Jenkins controller file system with an...
Nodequeue - Critical - Cross Site Scripting - SA-CONTRIB-2019-085
Updated November 22. This module enables you to collect nodes in an arbitrarily ordered list. Nodequeue's JavaScript can be leveraged to insert HTML from attacker-controlled JSON data. This is exploitable if user-submitted "Filtered HTML" content is displayed on a page where nodequeue.js is loade...