52 matches found
Exploit for CVE-2026-31431
copy.fail — AFALG AEAD splice primitive - CVE-2026-31431 C por...
Exploit for Deserialization of Untrusted Data in Getlaminas Laminas-Http
CVE-2021-3007 — Laminas/Zend HTTP Deserialization RCE ==========...
EUVD-2018-8796
Malware in sbrugna...
EUVD-2016-1749
Malware in sbrugna...
EUVD-2020-30282
Malware in sbrugna...
EUVD-2007-1643
Malware in sbrugna...
EUVD-2013-3605
Malware in sbrugna...
EUVD-2023-40421
Malicious code in bioql PyPI...
WordPress Custom Post Carousels with Owl plugin has an unspecified vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A security vulnerability exists in the WordPress Custom Post Carousels with Owl plugin that stems from not cleaning up the data-featherlight attribute. An attacker can exploit t...
CVE-2025-29871
CVE-2025-29871 affects QNAP File Station 5. The vulnerability is an out-of-bounds read that can lead to data leakage when an attacker already has an administrator account on the local system. A fix is available in File Station 5 version 5.5.6.4847 and later. Practical impact is limited to local a...
CVE-2018-17016
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services e.g., inetd, HTTP, DNS, and UPnP via long JSON data for reboottimer name...
CVE-2018-17015
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services e.g., inetd, HTTP, DNS, and UPnP via long JSON data for ddns phddns username...
CVE-2025-32776
OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. By writing specially crafted data to the matrixcustomframe file, an attacker can cause the custom kernel driver to read more bytes than provided by user space. This data will...
CVE-2024-53856
rPGP is a pure Rust implementation of OpenPGP. Prior to 0.14.1, rPGP allows an attacker to trigger rpgp crashes by providing crafted data. This vulnerability is fixed in 0.14.1...
CVE-2024-50983
FlightPath 7.5 contains a Cross Site Scripting XSS vulnerability, which allows authenticated remote attackers with administrative rights to inject arbitrary JavaScript in the web browser of a user by including a malicious payload into the Last Name section in the Create/Edit Faculty/Staff User or...
PT-2024-3801
Name of the Vulnerable Software and Affected Versions Check Point Security Gateways versions R77.20 through R81.20 Check Point CloudGuard Network affected versions not specified Check Point Quantum Maestro affected versions not specified Check Point Quantum Scalable Chassis affected versions not...
MGASA-2023-0018 Updated firefox packages fix security vulnerability
A vulnerability was found in NSS. The NSS client auth crashes without a user certificate in the database, leading to a segmentation fault or crash CVE-2022-3479. An out of date library libusrsctp contained vulnerabilities that could potentially be exploited CVE-2022-46871. By confusing the browse...
SourceCodester One Church Management System SQL注入漏洞
SourceCodester One Church Management System is an application of SourceCodester, Inc. A SQL injection vulnerability exists in SourceCodester One Church Management System version 1.0, which stems from The search2 parameter of attachancy.php lacks validation for external input SQL statements, which...
Sql injection
PNPSCADA 2.200816204020 allows SQL injection via parameter 'interf' in /browse.jsp. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database...
CVE-2020-0181
In exifdataloaddatathumbnail of exif-data.c, there is a possible denial of service due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID...