10 matches found
CVE-2026-34253
A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulnerability occurs in the remote control functionality when processing malformed input, leading to a stack buffer underflow that can cause...
Qualcomm Chipsets 安全漏洞
Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporated in the United States. There are security vulnerabilities in Qualcomm Chipsets. These vulnerabilities arise when processing IOCTL calls with invalid input parameters to update sensor property settings, which may lead to...
EUVD-2023-40110
Malicious code in bioql PyPI...
SAP NetWeaver AS Cross-Site Scripting Vulnerability (CNVD-2024-49630)
SAP NetWeaver AS is a SAP network application server from SAP. It not only provides network services, but also the basic platform for SAP software. SAP NetWeaver AS suffers from a cross-site scripting vulnerability that stems from insufficient coding of user control input, which can be exploited ...
CVE-2022-27777
A XSS Vulnerability in Action View tag helpers = 5.2.0 and 5.2.0 which would allow an attacker to inject content if able to control input into specific attributes...
Codesys Control Improper Input Validation
CODESYS Control Runtime system before 3.5.17.0 has improper input validation. Attackers can send crafted communication packets to change the router's addressing scheme and may re-route, add, remove or change low level communication packages. File data ot500450.nasl...
NodeBB Emoji 3.2.1 Arbitrary FIle Write
Exploit Title: NodeBB Plugin Emoji 3.2.1 - Arbitrary File Write Date: 2021-02-01 Exploit Author: 1F98D Software Link: https://nodebb.org/ Version: Emoji for NodeBB ', r.text, re.IGNORECASE if csrf is None: print'! Could not extract csrf token to proceed.' sys.exit1 auth = 'username': USERNAME,...
CVE-2017-17798
In TG Soft Vir.IT eXplorer Lite 8.5.42, the driver file VIRAGTLT.SYS allows local users to cause a denial of service BSOD or possibly have unspecified other impact because of not validating input values from IOCtl 0x8273A0A0, a different vulnerability than CVE-2017-17800...
ISC BIND rndc Control Instance Denial of Service Vulnerability
ISC BIND is a set of open source software that implements the DNS protocol. A design flaw in the BIND rndc control instance's handling of request input can lead to an assertion failure in sexpr.c or alist.c, which can ultimately lead to the exit of the named process when a malformed packet is sen...
best software SalesLogix 2000.0 - Multiple Vulnerabilities
source: https://www.securityfocus.com/bid/11450/info Best Software SalesLogix is affected by multiple vulnerabilities. These issues are due to design errors that reveal sensitive information, access control validation issues that allow unauthorized access and input validation issues facilitating...