7652 matches found

Veracode
added 2023/04/27 11:2 a.m. | 24 views

Remote Code Execution (RCE)

broccoli-compass is vulnerable to Remote Code Execution (RCE). Attacker-controlled filenames included in the list of files passed to the library via its files option are not properly checked, which allows an attacker to execute malicious code on the system...

CVSS 9.8 | AI score 9.5 | EPSS 0.01859
Exploits: 1 | References: 4 | Affected Software: 1

CNVD
added 2023/04/27 12:0 a.m. | 17 views

Tenda AC15 sub_8EE8 function buffer overflow vulnerability

The Tenda AC15 is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in the Tenda AC15 sub_8EE8 function due to incorrect boundary checking in the sub_8EE8 function. An authenticated, remote attacker could exploit this vulnerability to cause a buffer overflow a...

CVSS 9.8 | AI score 8.1 | EPSS 0.00755
Exploits: 0 | References: 1

NVD
added 2023/04/25 7:15 a.m. | 16 views

CVE-2023-22665

There is insufficient checking of user queries in Apache Jena versions 4.7.0 and earlier, when invoking custom scripts. It allows a remote user to execute arbitrary JavaScript via a SPARQL query...

CVSS 5.4 | AI score 6.2 | EPSS 0.01324
Exploits: 0 | References: 2

Prion
added 2023/04/25 7:15 a.m. | 18 views

Design/Logic Flaw

There is insufficient checking of user queries in Apache Jena versions 4.7.0 and earlier, when invoking custom scripts. It allows a remote user to execute arbitrary JavaScript via a SPARQL query...

CVSS 4.9 | AI score 6 | EPSS 0.01324
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2023/04/25 6:44 a.m. | 25 views

CVE-2023-22665 Apache Jena: Exposure of arbitrary execution in script engine expressions.

There is insufficient checking of user queries in Apache Jena versions 4.7.0 and earlier, when invoking custom scripts. It allows a remote user to execute arbitrary JavaScript via a SPARQL query...

AI score 6.5 | EPSS 0.01324
Exploits: 0 | References: 2

Debian CVE
added 2023/04/25 6:44 a.m. | 30 views

CVE-2023-22665

There is insufficient checking of user queries in Apache Jena versions 4.7.0 and earlier, when invoking custom scripts. It allows a remote user to execute arbitrary JavaScript via a SPARQL query...

CVSS 5.4 | AI score 7.3 | EPSS 0.01324
Exploits: 0

Positive Technologies
added 2023/04/25 12:0 a.m. | 6 views

PT-2023-2986 · Oracle · Mysql Server

Name of the Vulnerable Software and Affected Versions: EaseProbe versions prior to 2.1.0. Description: The issue is related to an SQL injection problem in EaseProbe when using MySQL/PostgreSQL data checking. This occurs due to a lack of protection measures for the SQL query structure, allowing an...

CVSS 9.8 | AI score 9.4 | EPSS 0.00652
Exploits: 0 | References: 13

UbuntuCve
added 2023/04/25 12:0 a.m. | 26 views

CVE-2023-22665

There is insufficient checking of user queries in Apache Jena versions 4.7.0 and earlier, when invoking custom scripts. It allows a remote user to execute arbitrary JavaScript via a SPARQL query...

CVSS 5.4 | AI score 7 | EPSS 0.01324
Exploits: 0 | References: 1

Tenable Nessus
added 2023/04/25 12:0 a.m. | 66 views

Oracle Linux 6 : openssl (ELSA-2023-12297)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-12297 advisory. - Backport fixes for CVE-2023-0286 Orabug: 35212597 - Fix possible infinite loop in BN_mod_sqrt CVE-2022-0778 Orabug: 33969800 - Backport fixes for CVE-2020-1971...

CVSS 10 | AI score 8.1 | EPSS 0.99999
Exploits: 129 | References: 2

CNNVD
added 2023/04/24 12:0 a.m. | 2 views

Tenda AC15 Buffer Error Vulnerability

The Tenda AC15 is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in the Tenda AC15 sub_8EE8 function due to incorrect boundary checking in the sub_8EE8 function. An authenticated, remote attacker could exploit this vulnerability to cause a buffer overflow a...

CVSS 9.8 | AI score 8.2 | EPSS 0.00755
Exploits: 0 | References: 2

CNVD
added 2023/04/23 12:0 a.m. | 20 views

Google Android Code Execution Vulnerability (CNVD-2023-55372)

Google Android is a Linux-based open source operating system from Google. A code execution vulnerability exists in Google Android, which stems from a lack of bounds checking in the nci_snd_set_routing_cmd of the nci_hmsgs.cc component, and can be exploited by an attacker to run arbitrary code on the...

CVSS 8.8 | AI score 7.5 | EPSS 0.00165
Exploits: 0 | References: 1

CNVD
added 2023/04/23 12:0 a.m. | 14 views

Google Android Information Disclosure Vulnerability (CNVD-2023-55376)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that originates from a lack of permission checking in multiple functions of the RunningTasks.java component, which can be exploited by an attacker to...

CVSS 5.5 | AI score 5.1 | EPSS 0.00178
Exploits: 0 | References: 1

CNVD
added 2023/04/23 12:0 a.m. | 21 views

Google Android elevation of privilege vulnerability (CNVD-2023-55369)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that originates from a lack of privilege checking in the sanitize of the LayerState.cpp component, which can be exploited by an attacker to elevate...

CVSS 7.8 | AI score 7.5 | EPSS 0.00162
Exploits: 0 | References: 1

CNVD
added 2023/04/23 12:0 a.m. | 16 views

Google Android Information Disclosure Vulnerability (CNVD-2023-55371)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that stems from a lack of bounds checking in serialize in multiple files, which can be exploited by an attacker to obtain sensitive informatio...

CVSS 5.5 | AI score 6.1 | EPSS 0.00087
Exploits: 0 | References: 1

CNVD
added 2023/04/23 12:0 a.m. | 18 views

Google Android Denial of Service Vulnerability (CNVD-2023-55364)

Google Android is a Linux-based open source operating system from Google. A denial of service vulnerability exists in Google Android, which stems from a lack of permission checking in the canDisplayLocalUi of the AppLocalePickerActivity.java component, which can be exploited by an attacker to cau...

CVSS 5.5 | AI score 6.4 | EPSS 0.00083
Exploits: 0 | References: 1

CNVD
added 2023/04/23 12:0 a.m. | 13 views

Google Android elevation of privilege vulnerability (CNVD-2023-55367)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which stems from a lack of bounds checking in the acc_ctrlrequest_composite of the f_accessory.c component, which can be exploited by an attacker to elevate...

CVSS 6.6 | AI score 6.9 | EPSS 0.00189
Exploits: 0 | References: 1

CNVD
added 2023/04/20 12:0 a.m. | 17 views

Juniper Networks Junos OS bbe-smgd Denial of Service Vulnerability

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. A denial of service vulnerability exists in the Juniper Networks Junos OS MX Series, which arises from improper checking o...

CVSS 7.4 | AI score 6.6 | EPSS 0.00303
Exploits: 0 | References: 1

Tenable Nessus
added 2023/04/20 12:0 a.m. | 20 views

SUSE SLES15 / openSUSE 15 Security Update : libgit2 (SUSE-SU-2023:1909-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:1909-1 advisory. - CVE-2023-22742: Fixed SSH keys verification failure (bsc#1207364). Tenable has extracted the preceding description block directly from the...

CVSS 5.9 | AI score 6.2 | EPSS 0.0058
Exploits: 0 | References: 4

Veracode
added 2023/04/19 6:50 a.m. | 28 views

Authentication Bypass

Google Chrome is vulnerable to Authentication Bypass. The vulnerability exists due to the insufficient validation of untrusted input in Safe Browsing, which allows an attacker to bypass download checking via a crafted HTML page...

CVSS 6.5 | AI score 6.9 | EPSS 0.00889
Exploits: 0 | References: 7 | Affected Software: 1

CNNVD
added 2023/04/19 12:0 a.m. | 1 views

Google Android Buffer Error Vulnerability

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that originates from incorrect boundary checking of avdt_scb_hdl_pkt_no_frag in the avdt_scb_act.cc component, which can be exploited by an attacker to elevate...

CVSS 7.8 | AI score 7 | EPSS 0.00091
Exploits: 0 | References: 2