CVE-2019-20525

Ignite Realtime Openfire 4.4.1 allows XSS via the setup/setup-datasource-standard.jsp driver parameter...

CVE-2025-40152

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix bootup splat with separategpudrm modparam The drmgemforeachgpuvmbo call from lookupvma accesses drmgemobj.gpuva.list, which is not initialized when the drm driver does not support DRIVERGEMGPUVA feature. Enable it fo...

ghostscript: OPVP device arbitrary code execution via custom Driver library

A flaw was found in Ghostscript. The "Driver" parameter for the "opvp"/"oprp" device specifies the name of a dynamic library and allows any library to be loaded. This flaw allows a malicious user to send a specially crafted document that, when processed by Ghostscript, could potentially lead to...

ghostscript: OPVP device arbitrary code execution via custom Driver library

A flaw was found in Ghostscript. The "Driver" parameter for the "opvp"/"oprp" device specifies the name of a dynamic library and allows any library to be loaded. This flaw allows a malicious user to send a specially crafted document that, when processed by Ghostscript, could potentially lead to...

ghostscript: OPVP device arbitrary code execution via custom Driver library

A flaw was found in Ghostscript. The "Driver" parameter for the "opvp"/"oprp" device specifies the name of a dynamic library and allows any library to be loaded. This flaw allows a malicious user to send a specially crafted document that, when processed by Ghostscript, could potentially lead to...

ghostscript: OPVP device arbitrary code execution via custom Driver library

A flaw was found in Ghostscript. The "Driver" parameter for the "opvp"/"oprp" device specifies the name of a dynamic library and allows any library to be loaded. This flaw allows a malicious user to send a specially crafted document that, when processed by Ghostscript, could potentially lead to...

ghostscript: OPVP device arbitrary code execution via custom Driver library

A flaw was found in Ghostscript. The "Driver" parameter for the "opvp"/"oprp" device specifies the name of a dynamic library and allows any library to be loaded. This flaw allows a malicious user to send a specially crafted document that, when processed by Ghostscript, could potentially lead to...

AMD Secure Processor 安全漏洞

AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip from UltraMicroelectronics AMD. A security vulnerability exists in AMD Secure Processor ASP, which arises from improper parameter handling in the driver and could allow an attacker with privileges to elevate privileges, resulting in a...

CVE-2022-39810

An issue was discovered in WSO2 Enterprise Integrator 6.4.0. A Reflected Cross-Site Scripting XSS vulnerability has been identified in the Management Console under /carbon/ndatasource/validateconnection/ajaxprocessor.jsp via the driver parameter. Session hijacking or similar attacks would not be...

PT-2022-25008 · Wso2 · Wso2 Enterprise Integrator

Name of the Vulnerable Software and Affected Versions: WSO2 Enterprise Integrator version 6.4.0 Description: A Reflected Cross-Site Scripting XSS issue has been identified in the Management Console under "/carbon/ndatasource/validateconnection/ajaxprocessor.jsp" via the driver parameter. This cou...

WSO2 Enterprise Integrator 跨站脚本漏洞

WSO2 Enterprise Integrator is the United States WSO2 company's set of open source hybrid integration platform. The platform supports communication between multiple applications. A security vulnerability exists in WSO2 Enterprise Integrator version 6.4.0, which stems from reflective cross-site...

Huawei Honor V10 out-of-bounds reading vulnerability (CNVD-2020-27114)

Huawei Honor V10 is a smartphone product from Chinese company Huawei Huawei. An out-of-bounds read vulnerability exists in previous versions of Huawei Honor V10 10.0.0.156 C00E156R2P4, which stems from a driver that does not adequately verify incoming parameters, and can be exploited by an attack...

CVE-2019-20525

Ignite Realtime Openfire 4.4.1 allows XSS via the setup/setup-datasource-standard.jsp driver parameter...