SUSE CVE-2025-70071

An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXParser.cpp, ParseVectorDataArray...

EUVD-2025-209624

An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXParser.cpp, ParseVectorDataArray...

MixPHP Framework has an SQL injection vulnerability via crafted `data` array

SQL injection vulnerability in MixPHP Framework 2.x thru 2.2.17 via crafted data array to the data function in BuildHelper.php...

CVE-2026-42474

SQL injection vulnerability in MixPHP Framework 2.x thru 2.2.17 via crafted data array to the data function in BuildHelper.php...

CVE-2026-42474

SQL injection vulnerability in MixPHP Framework 2.x thru 2.2.17 via crafted data array to the data function in BuildHelper.php...

DEBIAN-CVE-2025-38407

In the Linux kernel, the following vulnerability has been resolved: riscv: cpuopssbi: Use static array for bootdata Since commit 6b9f29b81b15 "riscv: Enable pcpu page first chunk allocator", if NUMA is enabled, the page percpu allocator may be used on very sparse configurations, or when requested...

CVE-2024-57911

In the Linux kernel, the following vulnerability has been resolved: iio: dummy: iiosimplydummybuffer: fix information leak in triggered buffer The 'data' array is allocated via kmalloc and it is used to push data to user space from a triggered buffer, but it does not set values for inactive...

UBUNTU-CVE-2022-48948

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: Prevent buffer overflow in setup handler Setup function uvcfunctionsetup permits control transfer requests with up to 64 bytes of payload UVCMAXREQUESTSIZE, data stage handler for OUT transfer uses memcpy to cop...

CVE-2024-39482

CVE-2024-39482 relates to the Linux kernel bug in bcache: it abused a fixed-length array in btree_iter when used with dynamically-sized iterators, triggering UBSAN. The fix introduces a flexible array member in btree_iter and a separate btree_iter_stack that embeds a btree_iter plus a data array,...

EulerOS 2.0 SP8 : krb5 (EulerOS-SA-2023-3131)

According to the versions of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - lib/kadm5/kadmrpcxdr.c in MIT Kerberos 5 aka krb5 before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated us...

CVE-2023-21507

Out-of-bounds Read vulnerability while processing BCTUICMDSENDRESOURCEDATAARRAY command in bctui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to read arbitrary memory...

SAMSUNG Blockchain Keystore 缓冲区错误漏洞

SAMSUNG Blockchain Keystore is Samsung's system tool for creating, storing, managing, and backing up private keys. A security vulnerability exists in SAMSUNG Blockchain Keystore versions prior to 1.3.12.1, which stems from an out-of-bounds read vulnerability when processing the...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in BEdita before 3.1 allow remote attackers to hijack the authentication of administrators for requests that 1 create categories via a data array to news/saveCategories or 2 modify credentials via a data array to admin/saveUser...

CVE-2010-5315

CVE-2010-5315 concerns CSRF vulnerabilities in the Web CMS framework BEdita prior to version 3.1. The provided documents consistently describe two attack scenarios: (1) creating categories via a data array to news/saveCategories and (2) modifying credentials via a data array to admin/saveUser, wh...

CVE-2010-3240

Microsoft Excel 2002 SP3 and 2007 SP2; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Real Time Data Array...

Microsoft Excel Real Time Data Array Record Code Execution (MS10-080; CVE-2010-3240)

Microsoft Excel is a popular spreadsheet application. A remote attacker could exploit this issue via a malformed Excel file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. A memory corruption vulnerability has been identified in Microsoft...

PHP and ASP upload vulnerability exploit-vulnerability warning-the black bar safety net

1 pass exploit the principles just for the form format of the upload of asp and php scripts ncnetcat For the submission packet the dos interface to run under: nc-vv www.. com 8 01.txt -vv: echo 8 0: the www port 1.txt: is your data packet to be transmitted use of more methods, please check this...

Cross site scripting

Cross-site scripting XSS vulnerability in include/sessionRegister.php in WikyBlog before 1.4.13 allows remote attackers to inject arbitrary web script or HTML, probably via vectors related to a certain data2 array element...

CVE-2007-2781

Cross-site scripting XSS vulnerability in include/sessionRegister.php in WikyBlog before 1.4.13 allows remote attackers to inject arbitrary web script or HTML, probably via vectors related to a certain data2 array element...