CVE-2019-11745

When encrypting with a block cipher, if a call to NSCEncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 68.3, Firefox ESR 68.3, an...

CVE-2019-1296

A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1257, CVE-2019-1295...

CVE-2019-1296

A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1257, CVE-2019-1295...

Remote code execution

A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1257, CVE-2019-1296...

Remote code execution

A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1257, CVE-2019-1295...

CVE-2019-1295

A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1257, CVE-2019-1296...

Microsoft SharePoint Remote Code Execution Vulnerability

A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm...

The vulnerability of the SnCloneVault.sys driver of the Secret Net Studio information protection system, which allows a hacker to trigger a service failure.

The vulnerability of the SnCloneVault.sys driver of the Secret Net Studio information protection system is related to deficiencies in data input control within the driver. Exploiting this vulnerability can allow attackers to cause service failures...

SAP E-Commerce Code Injection Vulnerability

SAP E-Commerce is a set of e-commerce solutions from Germany's SAP. A code injection vulnerability exists in SAP E-Commerce, which arises from the failure of a network system or product to properly filter specific elements of externally entered data during the construction of a code segment, and...

Juniper JSA10904

The version of tested product installed on the remote host is 12.3 prior to 12.3R12-S12, 12.3X48 prior to 12.3X48-D76, 14.1X53 prior to 14.1X53-D48, 15.1 prior to 15.1R5, 15.1X49 prior to 15.1X49-D151, 15.1 prior to 15.1F6-S12 or 16.1 prior to 16.1R2. It is, therefore, affected by a denial of...

Phoenix Contact RAD-80211-XD/HP-BUS and Phoenix Contact RAD-80211-XD Command Injection Vulnerability

The Phoenix Contact RAD-80211-XD/HP-BUS and Phoenix Contact RAD-80211-XD are both high power WLAN wireless transceivers from Phoenix Contact, Germany. A command injection vulnerability exists in the PHOENIX CONTACT RAD-80211-XD and RAD-80211-XD/HP-BUS, which can be exploited by an attacker to...

The vulnerability of the .NET Framework software platform is related to errors in data input processing, allowing an attacker to execute arbitrary code.

The vulnerability of the .NET Framework software platform is related to errors in data processing. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using specially crafted input data...

Buffer Overflow Vulnerability in OhEasy Multimedia Network Classroom Software

Oh easy multimedia network classroom software is a set of multimedia computer to assist teachers to complete the teaching software. A buffer overflow vulnerability exists in the OhEasy Multimedia Network Classroom Software. An attacker can exploit the vulnerability to cause a buffer overflow by...

CVE-2018-14799

In Philips PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs, all versions prior to May 2018, the PageWriter device does not sanitize data entered by user. This can lead to buffer overflow or format string vulnerabilities...

The vulnerability of the form development tool for data input based on XML, Microsoft InfoPath, arises from errors in object processing in memory, allowing attackers to execute arbitrary code.

The vulnerability of the form development tool for input data based on XML is due to an operation going beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted file...

EMS Master Calendar 8.0.0.20180520 - Cross-Site Scripting

EMS Master Calendar 8.0.0.20180520 - Cross-Site Scripting Exploit Title: EMS Master Calendar alert'XSS'xyz...

EMS Master Calendar < 8.0.0.20180520 - Cross-Site Scripting

Exploit Title: EMS Master Calendar alert'XSS'xyz...

CVE-2018-11628

Data input into EMS Master Calendar before 8.0.0.201805210 via URL parameters is not properly sanitized, allowing malicious attackers to send a crafted URL for XSS...

CVE-2018-11628

EMS Master Calendar before 8.0.0.201805210 is affected by a cross-site scripting (XSS) vulnerability where data input via URL parameters is not properly sanitized. Root cause: insufficient input filtering in the web application, enabling a crafted URL to execute script in a user’s browser. Docume...

USN-3543-1: rsync vulnerabilities

It was discovered that rsync incorrectly handled certain data input. An attacker could possibly use this to cause a denial of service or execute arbitrary code. CVE-2017-16548 It was discovered that rsync incorrectly parsed certain arguments. An attacker could possibly use this to bypass argument...