756 matches found
CVE-2025-54656
UNSUPPORTED WHEN ASSIGNED Improper Output Neutralization for Logs vulnerability in Apache Struts. This issue affects Apache Struts Extras: before 2. When using LookupDispatchAction, in some cases, Struts may print untrusted input to the logs without any filtering. Specially-crafted input may lead...
Apache Struts Extras 2 安全漏洞
Apache Struts Extras 2 is an extension to the Apache Struts 2 framework from the Apache USA Foundation. A security vulnerability exists in Apache Struts Extras 2 that stems from the possibility of printing untrusted input to the log when using LookupDispatchAction...
CVE-2025-44206
Hexagon HxGN OnCall Dispatch Advantage Web v10.2309.03.00264 and Hexagon HxGN OnCall Dispatch Advantage Mobile v10.2402 are vulnerable to Cross Site Scripting XSS which allows a remote authenticated attacker with access to the Broadcast Person functionality to execute arbitrary code...
CVE-2025-44206
Hexagon HxGN OnCall Dispatch Advantage Web v10.2309.03.00264 and Hexagon HxGN OnCall Dispatch Advantage Mobile v10.2402 are vulnerable to Cross Site Scripting XSS which allows a remote authenticated attacker with access to the Broadcast Person functionality to execute arbitrary code...
CVE-2025-44206
Hexagon HxGN OnCall Dispatch Advantage Web v10.2309.03.00264 and Mobile v10.2402 are affected by a Cross-Site Scripting (XSS) vulnerability that can be exploited by a remote authenticated attacker with access to the Broadcast (Person) functionality to execute arbitrary code. Root cause details be...
Hexagon HxGN OnCall Dispatch Advantage 跨站脚本漏洞
Hexagon HxGN OnCall Dispatch Advantage is a software suite for event management and dispatch from Hexagon Sweden. A security vulnerability exists in Hexagon HxGN OnCall Dispatch Advantage that stems from a cross-site scripting vulnerability that could lead to the execution of arbitrary code...
CVE-2025-44206
Hexagon HxGN OnCall Dispatch Advantage Web v10.2309.03.00264 and Hexagon HxGN OnCall Dispatch Advantage Mobile v10.2402 are vulnerable to Cross Site Scripting XSS which allows a remote authenticated attacker with access to the Broadcast Person functionality to execute arbitrary code...
CVE-2025-38016 HID: bpf: abort dispatch if device destroyed
In the Linux kernel, the following vulnerability has been resolved: HID: bpf: abort dispatch if device destroyed The current HID bpf implementation assumes no output report/request will go through it after hidbpfdestroydevice has been called. This leads to a bug that unplugging certain types of H...
CVE-2025-38016
In the Linux kernel, the following vulnerability has been resolved: HID: bpf: abort dispatch if device destroyed The current HID bpf implementation assumes no output report/request will go through it after hidbpfdestroydevice has been called. This leads to a bug that unplugging certain types of H...
Telex Remote Dispatch Console Server和RTS VLink Virtual Matrix Software 安全漏洞
Telex Remote Dispatch Console Server is a scalable communication system from Telex Corporation, U.S.A. RTS VLink Virtual Matrix Software is a software solution for RTS matrix intercom systems from RTS Corporation, U.S.A. The vulnerability is due to a security flaw in Telex Remote Dispatch Console...
CVE-2023-42335
Unrestricted File Upload vulnerability in Fl3xx Dispatch 2.10.37 and fl3xx Crew 2.10.37 allows a remote attacker to execute arbitrary code via the add attachment function in the New Expense component...
CVE-2023-42334
An Indirect Object Reference IDOR in Fl3xx Dispatch 2.10.37 and fl3xx Crew 2.10.37 allows a remote attacker to escalate privileges via the user parameter...
CVE-2023-2773
A vulnerability has been found in code-projects Bus Dispatch and Information System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file viewadmin.php. The manipulation of the argument adminid leads to sql injection. The attack can be launched...
CVE-2023-2774
A vulnerability was found in code-projects Bus Dispatch and Information System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file viewbranch.php. The manipulation of the argument branchid leads to sql injection. The attack may be launched remotely. Th...
CVE-2023-2775
A vulnerability was found in code-projects Bus Dispatch and Information System 1.0. It has been classified as critical. This affects an unknown part of the file adminHome.php. The manipulation of the argument reachcity leads to sql injection. It is possible to initiate the attack remotely. The...
CVE-2022-30016
Rescue Dispatch Management System 1.0 is vulnerable to Incorrect Access Control via http://localhost/rdms/admin/?page=systeminfo...
CVE-2022-31941
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via \rdms\admin?page=user\manageuser=...
CVE-2022-31957
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via rdms/admin/teams/viewteam.php?id=...
CVE-2022-30017
Rescue Dispatch Management System 1.0 suffers from Stored XSS, leading to admin account takeover via cookie stealing...
CVE-2022-31948
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/classes/Master.php?f=deletereport...