12 matches found
CVE-2026-21918
A Double Free vulnerability in the flow processing daemon flowd of Juniper Networks Junos OS on SRX and MX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. On all SRX and MX Series platforms, when during TCP session establishment a specific sequence of...
Intel PROSet/Wireless WiFi 资源管理错误漏洞
Intel PROSet/Wireless WiFi is a wireless network card driver from Intel Corporation USA. A resource management error vulnerability exists in Intel PROSet/Wireless WiFi versions prior to 23.100, which stems from reuse after release and could lead to a denial of service attack...
fastd 安全漏洞
fastd is a Swoole-enabled lightweight web development framework from the Fastdlabs team in China. A security vulnerability exists in versions prior to fastd 23, which stems from the presence of a UDP traffic amplification vulnerability that could lead to a distributed denial of service attack...
1E Platform 安全漏洞
1E Platform is a terminal endpoint management and automation solution from 1E. A security vulnerability exists in versions prior to 1E Platform 23 that stems from an identity server that can enable URL redirection to untrusted sites...
PT-2024-13200 · M Files · M-Files Web
Name of the Vulnerable Software and Affected Versions: M-Files Web versions prior to 23.8 Description: The issue allows an attacker to execute a script on a user's browser via a stored HTML document within a limited time period. This is a stored XSS vulnerability. Recommendations: For M-Files Web...
PYSEC-2023-228
When installing a package from a Mercurial VCS URL ie "pip install hg+..." with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the "hg clone" call ie "--config". Controlling the Mercurial configuration can modify how and which...
M-Files Web Code Issue Vulnerability
M-Files Web is an intelligent information management platform from M-Files USA, Inc. It is used to optimally support users in their daily work. A code issue vulnerability exists in M-Files Web versions prior to 23.10 that stems from an insufficient blacklist and allows remote code execution via...
Deciso OPNsense Cross-Site Scripting Vulnerability
Deciso OPNsense is a suite of FreeBSD-based open source firewall and routing software from Dutch company Deciso. A cross-site scripting vulnerability exists in OPNsense versions prior to 23.7, which stems from a reflected cross-site scripting XSS vulnerability in component...
Ideasoft E-commerce Platform 安全漏洞
Ideasoft E-commerce Platform is an open source e-commerce platform from Ideasoft. A security vulnerability exists in Ideasoft E-commerce Platform versions prior to 23.05, which stems from a vulnerability in Rental Module that allows an attacker to bypass authorization via a controlled user key...
SUSE CVE-2013-1705
Heap-based buffer underflow in the cryptojsinterpretkeygentype function in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted Certificate Request Message Format CRMF request...
CVE-2022-21442
Vulnerability in Oracle GoldenGate component: OGG Core Library. The supported version that is affected is Prior to 23.1. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle GoldenGate executes to compromise Oracle GoldenGate. While the...
PT-2013-3339 · Mozilla +1 · Firefox Esr +4
Name of the Vulnerable Software and Affected Versions: Mozilla Firefox versions prior to 23.0 Firefox ESR versions prior to 17.0.8 Thunderbird versions prior to 17.0.8 Thunderbird ESR versions prior to 17.0.8 Description: A stack-based buffer overflow issue exists in the Mozilla Updater component...