CVE-2024-30922

SQL Injection vulnerability in DerbyNet v9.0 allows a remote attacker to execute arbitrary code via the where Clause in Award Document Rendering...

CVE-2024-30922

SQL Injection vulnerability in DerbyNet v9.0 allows a remote attacker to execute arbitrary code via the where Clause in Award Document Rendering...

CVE-2024-30923

SQL Injection vulnerability in DerbyNet v9.0 and below allows a remote attacker to execute arbitrary code via the where Clause in Racer Document Rendering...

DerbyNet 跨站脚本漏洞

DerbyNet is a simple code for match broadcasting projects. A cross-site scripting vulnerability exists in DerbyNet version 9.0 that stems from a failure to properly clean up user input in the document rendering path, which allows injection of malicious script...

DerbyNet 9.0 print/render/racer.inc SQL Injection

CVE ID: CVE-2024-30923 Description: An SQL Injection vulnerability has been discovered in DerbyNet version 9.0, specifically within the print/render/racer.inc component. This vulnerability allows remote attackers to execute arbitrary code and disclose sensitive information by exploiting improper...

Kimai Security Breach

kimai is a web-based multi-user time tracking application from the individual developer of kimai. A security vulnerability exists in Kimai 2.1.0 and prior versions, which stems from vulnerability to a server-side template injection SSTI attack that can be escalated to Remote Code Execution RCE wh...

The vulnerability of the pdfunite.cc component in the Poppler PDF rendering library allows a hacker to cause a service failure.

The vulnerability of the pdfunite.cc component in the Poppler PDF rendering library lies in the lack of flow control before saving the embedded file’s main function within pdfunite.cc. Exploiting this vulnerability could allow a malicious actor to cause service failures...

AntennaHouse DMC HTMLFilter Doc_SetSummary Code Execution Vulnerability(CVE-2016-8382)

Summary An exploitable heap corruption vulnerability exists in the DocSetSummary functionality of AntennaHouse DMC HTMLFilter. A specially crafted doc file can cause a heap corruption resulting in arbitrary code execution. An attacker can send a malicious doc file to trigger this vulnerability...

CVE-2017-7870

An out-of-bounds write flaw was found in the way Libreoffice rendered certain documents containing Polygon images. By tricking a user into opening a specially crafted LibreOffice file, an attacker could possibly use this flaw to execute arbitrary code with the privileges of the user opening the...

The vulnerability of Google Chrome browser allows a perpetrator to gain access to protected information.

The vulnerability of the PDFium component in the Google Chrome browser relates to the use of memory after it is freed. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to protected information through a specially created PDF file...