40 matches found
forest security vulnerability
forest is a modern knowledge community backend project open-sourced by RYMCU, implemented using SpringBoot + Shiro + MyBatis + JWT + Redis. There is a security vulnerability in forest, which originates from the lack of authorization for the functions getAll/addDic/getAllDic/deleteDic in the...
EUVD-2015-3060
Malware in sbrugna...
EUVD-2008-3920
Malware in sbrugna...
DEBIAN-CVE-2025-38627
In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix UAF of f2fs_inode_info in f2fs_free_dic. The decompress_io_ctx may be released asynchronously after I/O completion. If this file is deleted immediately after read, and the kworker of processing post_read_wq has not bee...
pixiv: Non-premium user can disable Ads in japanese version of dic.pixiv.net
A vulnerability was identified in the Japanese version of the pixiv dictionary website where non-premium users could disable advertisements. Normally, the ability to disable ads was restricted to premium users only. However, due to improper access control, any authenticated user could modify thei...
SUSE CVE-2023-52852
In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix to avoid use-after-free on dic. Call trace: memcpy+0x128/0x250 f2fs_read_multi_pages+0x940/0xf7c f2fs_mpage_readpages+0x5a8/0x624 f2fs_readahead+0x5c/0x110 page_cache_ra_unbounded+0x1b8/0x590...
DEBIAN-CVE-2023-52852
In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix to avoid use-after-free on dic. Call trace: memcpy+0x128/0x250 f2fs_read_multi_pages+0x940/0xf7c f2fs_mpage_readpages+0x5a8/0x624 f2fs_readahead+0x5c/0x110 page_cache_ra_unbounded+0x1b8/0x590...
CVE-2023-52852
In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix to avoid use-after-free on dic. Call trace: memcpy+0x128/0x250 f2fs_read_multi_pages+0x940/0xf7c f2fs_mpage_readpages+0x5a8/0x624 f2fs_readahead+0x5c/0x110 page_cache_ra_unbounded+0x1b8/0x590...
dic-asset.de XSS vulnerability
Open Bug Bounty ID: OBB-673513

Description| Value
---|---
Affected Website:| dic-asset.de
Vulnerable Application:| Custom Code
Vulnerability Type:| XSS Cross Site Scripting / CWE-79
CVSSv3 Score:| 6.1...
dic-asset.de XSS vulnerability
Open Bug Bounty ID: OBB-664705

Description| Value
---|---
Affected Website:| dic-asset.de
Vulnerable Application:| Custom Code
Vulnerability Type:| XSS Cross Site Scripting / CWE-79
CVSSv3 Score:| 6.1...
Webservice-DIC yoyaku_v41 OS Command Injection Vulnerability
Webservice-DIC yoyaku_v41 is a conference room reservation management software from Webservice-DIC. Webservice-DIC yoyaku_v41 fails to properly filter user-submitted input, allowing remote attackers to exploit the vulnerability by submitting a special request to execute arbitrary operating system...
Webservice-DIC yoyaku_v41 Input Validation Vulnerability
Webservice-DIC yoyaku_v41 is a conference room reservation management software from Webservice-DIC. Webservice-DIC yoyaku_v41 fails to properly filter user-submitted input, allowing remote attackers to exploit the vulnerability by submitting a special request to create arbitrary files...
CVE-2015-2979
Webservice-DIC yoyaku_v41 allows remote attackers to execute arbitrary OS commands via unspecified vectors...
CVE-2015-2978
Webservice-DIC yoyaku_v41 allows remote attackers to bypass authentication and complete a conference-room reservation via unspecified vectors, as demonstrated by an "unintentional reservation."...
CVE-2015-2977
Webservice-DIC yoyaku_v41 allows remote attackers to create arbitrary files, and consequently execute arbitrary code, via unspecified vectors...
Authentication flaw
Webservice-DIC yoyaku_v41 allows remote attackers to bypass authentication and complete a conference-room reservation via unspecified vectors, as demonstrated by an "unintentional reservation."...
Code injection
Webservice-DIC yoyaku_v41 allows remote attackers to create arbitrary files, and consequently execute arbitrary code, via unspecified vectors...
Design/Logic Flaw
Webservice-DIC yoyaku_v41 allows remote attackers to execute arbitrary OS commands via unspecified vectors...