16 matches found
EUVD-2025-37331
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SeventhQueen K Elements k-elements allows DOM-Based XSS.This issue affects K Elements: from n/a through 5.5.0...
EUVD-2017-16728
Malware in sbrugna...
EUVD-2025-16899
Malicious code in bioql PyPI...
EUVD-2025-2254
Malicious code in bioql PyPI...
WordPress plugin Miraculous SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin...
The vulnerability of the UPDM_wstpCBCUpdStart() function of the Alpine iLX-507 audio system allows a hacker to execute arbitrary code in the context of the root user.
The vulnerability of the UPDMwstpCBCUpdStart function of the Alpine iLX-507 audio system exists due to the failure to take measures to neutralize certain special elements. Exploiting this vulnerability can allow a hacker to execute arbitrary code under the root user’s context...
CVE-2024-56000 WordPress K Elements plugin < 5.4.0 - Unauthenticated Account Takeover vulnerability
Incorrect Privilege Assignment vulnerability in SeventhQueen K Elements k-elements allows Privilege Escalation.This issue affects K Elements: from n/a through 5.4.0...
NI VeriStand NIVSPRJ File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI VeriStand. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...
The vulnerability of the microprogrammed software for Zyxel NAS326, NAS540, and NAS542 lies in the lack of measures taken to neutralize special elements used in the operating system’s command set. This allows attackers to execute arbitrary code.
The vulnerability of the microprogrammed software for Zyxel NAS326, NAS540, and NAS542 lies in the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially...
Git for Windows 代码问题漏洞
Git for Windows is Git's Git for Windows. A code issue vulnerability exists in Git for Windows versions prior to 2.40.1 that stems from uncontrolled search path elements...
The vulnerability of the Accellion FTA security management system, which stems from the failure to remove special elements used in the operating system’s command set, allows attackers to execute arbitrary commands and gain unauthorized access to protected information.
The vulnerability of the Accellion FTA File Transfer Application security system lies in the lack of measures taken to neutralize special elements used in the operating system’s commands. Exploiting this vulnerability allows attackers to execute arbitrary commands and gain unauthorized access to...
CVE-2017-5173
An Improper Neutralization of Special Elements in an OS command issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An improper neutralization of special elements vulnerability has been identified. If special elements are not properly neutralized, an attacker can call...
CVE-2017-5173
An Improper Neutralization of Special Elements in an OS command issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An improper neutralization of special elements vulnerability has been identified. If special elements are not properly neutralized, an attacker can call...
CVE-2004-1050
Heap-based buffer overflow in Internet Explorer 6 allows remote attackers to execute arbitrary code via long 1 SRC or 2 NAME attributes in IFRAME, FRAME, and EMBED elements, as originally discovered using the mangleme utility, aka "the IFRAME vulnerability" or the "HTML Elements Vulnerability."...
VulnCheck KEV: CVE-2004-1050
Heap-based buffer overflow in Internet Explorer 6 allows remote attackers to execute arbitrary code via long 1 SRC or 2 NAME attributes in IFRAME, FRAME, and EMBED elements, as originally discovered using the mangleme utility, aka "the IFRAME vulnerability" or the "HTML Elements Vulnerability."...
CVE-2004-1050
CVE-2004-1050 affects Internet Explorer 6. A heap-based buffer overflow occurs when parsing long NAME or SRC attributes in IFRAME/FRAME/EMBED elements, allowing remote code execution. Exploitation typically involves loading a crafted page; CVSS notes high risk (network exploit, no user interactio...