7634 matches found
Exploit for CVE-2025-52399
CVE-2025-52399 - SQL Injection in Institute of Current Student...
CVE-2025-51411
A reflected cross-site scripting (XSS) vulnerability exists in Institute-of-Current-Students v1.0 via the email parameter in the /postquerypublic endpoint. The application fails to properly sanitize user input before reflecting it in the HTML response. This allows unauthenticated attackers to injec...
CVE-2025-51411
CVE-2025-51411 affects Institute-of-Current-Students v1.0, with a reflected XSS vulnerability in the /postquerypublic endpoint via the email parameter. The root cause is insufficient sanitization of user input, allowing an attacker-controlled string to be reflected in HTML and execute arbitrary J...
Institute-of-Current-Students Security Vulnerability
Institute-of-Current-Students is a school management website by the individual developer Vishal Mathur. A security vulnerability exists in version 1.0 of Institute-of-Current-Students, which stems from improper sanitization of the email parameter and could lead to reflected cross-site scripting...
IrfanView CADImage Plugin Buffer Overflow Vulnerability (CNVD-2025-16756)
IrfanView CADImage Plugin is a CAD plugin from IrfanView. IrfanView CADImage Plugin suffers from a buffer overflow vulnerability that stems from a lack of validation of user-supplied data when parsing DXF files, which can be exploited by an attacker to execute code in the context of the current...
IrfanView CADImage Plugin Buffer Error Vulnerability
IrfanView CADImage Plugin is a CAD plugin from IrfanView. IrfanView CADImage Plugin suffers from a buffer overflow vulnerability that stems from a lack of validation of user-supplied data when parsing DWG files, which can be exploited by an attacker to execute code in the context of the current...
Adobe Substance 3D Designer Out-of-Bounds Write Vulnerability (CNVD-2025-16542)
Adobe Substance 3D Designer is 3D design software from the American company Adobe. Adobe Substance 3D Designer suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...
Adobe InDesign Heap Buffer Overflow Vulnerability (CNVD-2025-16537)
Adobe InDesign is a set of layout and editing applications from the American company Adobe. Adobe InDesign suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...
Adobe InDesign Desktop Heap Buffer Overflow Vulnerability (CNVD-2025-16552)
Adobe InDesign Desktop is page layout software from the American company Adobe. Adobe InDesign Desktop suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...
Adobe Illustrator Stack Buffer Overflow Vulnerability (CNVD-2025-16547)
Adobe Illustrator is vector-based image creation software from the American company Adobe. A stack buffer overflow vulnerability exists in Adobe Illustrator, which can be exploited by an attacker to execute arbitrary code in the context of the current user...
Adobe Illustrator Stack Buffer Overflow Vulnerability
Adobe Illustrator is vector-based image creation software from the American company Adobe. A stack buffer overflow vulnerability exists in Adobe Illustrator, which can be exploited by an attacker to execute arbitrary code in the context of the current user...
Adobe Illustrator Buffer Overflow Vulnerability (CNVD-2025-16402)
Adobe Illustrator is vector-based image creation software from the American company Adobe. A buffer overflow vulnerability exists in Adobe Illustrator that can be exploited by an attacker to execute arbitrary code in the context of the current user...
Adobe Illustrator Out-of-Bounds Write Vulnerability (CNVD-2025-16401)
Adobe Illustrator is vector-based image creation software from the American company Adobe. An out-of-bounds write vulnerability exists in Adobe Illustrator, which can be exploited by an attacker to execute arbitrary code in the context of the current user...
Adobe Framemaker Numeric Error Vulnerability (CNVD-2025-16398)
Adobe Framemaker is page layout software from the American company Adobe for writing and editing large or complex documents, including structured documents. A numeric error vulnerability exists in Adobe Framemaker, which can be exploited by an attacker to execute arbitra...
Adobe Framemaker Heap Buffer Overflow Vulnerability (CNVD-2025-16397)
Adobe Framemaker is page layout software from the American company Adobe for writing and editing large or complex documents, including structured documents. Adobe Framemaker suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute...
Adobe Framemaker Heap Buffer Overflow Vulnerability (CNVD-2025-16396)
Adobe Framemaker is page layout software from the American company Adobe for writing and editing large or complex documents, including structured documents. Adobe Framemaker suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute...
Adobe Framemaker Buffer Overflow Vulnerability (CNVD-2025-16395)
Adobe Framemaker is page layout software from the American company Adobe for writing and editing large or complex documents, including structured documents. A buffer overflow vulnerability exists in Adobe Framemaker, which can be exploited by an attacker to execute...
GHSA-W3WH-G4M9-783P XWiki Rendering is vulnerable to XSS attacks through insecure XHTML syntax
Impact: The XHTML syntax depended on the xdom+xml/current syntax, which allows the creation of raw blocks that permit the insertion of arbitrary HTML content, including JavaScript. This allows XSS attacks by users who can edit a document such as their user profile (enabled by default). The attack works ...
RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow
...