Lucene search
K

12 matches found

RedhatCVE
RedhatCVE
added 2025/10/23 3:13 p.m.5 views

CVE-2025-62526

OpenWrt Project is a Linux operating system targeting embedded devices. Prior to version 24.10.4, ubusd contains a heap buffer overflow in the event registration parsing code. This allows an attacker to modify the head and potentially execute arbitrary code in the context of the ubus daemon. The...

7.9CVSS8AI score0.00245EPSS
Exploits0References1
NVD
NVD
added 2025/10/22 3:16 p.m.7 views

CVE-2025-62526

OpenWrt Project is a Linux operating system targeting embedded devices. Prior to version 24.10.4, ubusd contains a heap buffer overflow in the event registration parsing code. This allows an attacker to modify the head and potentially execute arbitrary code in the context of the ubus daemon. The...

7.9CVSS0.00245EPSS
Exploits0References7
OSV
OSV
added 2025/10/22 3:16 p.m.3 views

UBUNTU-CVE-2025-62526

OpenWrt Project is a Linux operating system targeting embedded devices. Prior to version 24.10.4, ubusd contains a heap buffer overflow in the event registration parsing code. This allows an attacker to modify the head and potentially execute arbitrary code in the context of the ubus daemon. The...

7.9CVSS6.4AI score0.00245EPSS
Exploits0References9
CNNVD
CNNVD
added 2025/10/22 12:0 a.m.5 views

OpenWrt 安全漏洞

OpenWrt is the OpenWrt open source set of Linux operating systems for embedded devices. A security vulnerability exists in versions prior to OpenWrt 24.10.4 that stems from a heap buffer overflow in the event registration parsing code, which could lead to the execution of arbitrary code and bypas...

7.9CVSS7.4AI score0.00245EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/10/21 12:0 a.m.6 views

PT-2025-43011

Name of the Vulnerable Software and Affected Versions OpenWrt versions prior to 24.10.4 Description OpenWrt Project is a Linux operating system designed for embedded devices. A heap buffer overflow exists in the event registration parsing code within the ubusd daemon. This allows an attacker to...

7.9CVSS7.5AI score0.00245EPSS
Exploits0References23
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-8144

Malware in sbrugna...

4.3CVSS6.3AI score0.01351EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 1:0 a.m.11 views

CVE-2014-8303

Cross-site scripting XSS vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.4 and 6.0.x before 6.0.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to event parsing...

4.3CVSS5.8AI score0.01351EPSS
Exploits0References1
OSV
OSV
added 2022/08/22 6:8 p.m.30 views

GO-2022-0952 Incorrect event parsing in github.com/matrix-org/gomatrixserverlib

Power level parsing does not parse the "eventsdefault" key of the m.room.powerlevels event, setting the event default power level to zero in all cases. This can cause events to be improperly accepted or rejected in rooms where the eventdefault power level has been changed...

8.8CVSS6.5AI score0.0065EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/08/16 12:0 a.m.8 views

FreeBSD : dendrite -- Incorrect parsing of the event default power level in event auth (d658042c-1c98-11ed-95f8-901b0e9408dc)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the d658042c-1c98-11ed-95f8-901b0e9408dc advisory. - Dendrite team reports: The power level parsing within gomatrixserverlib was failing to parse the...

5.6AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/12/15 12:0 a.m.19 views

Fedora 20 : php-horde-kronolith-4.2.4-1.fc20 (2014-16397)

kronolith 4.2.4 - jan Make access to non-CalDAV remote calendars faster Bug 12379. - jan Continue with further events if parsing of one remote event date fails. - jan Fix JS error in month view with more events today than the maximum threshold. - mjr Fix fatal error when creating or modifying an...

5.5AI score
Exploits0References1
NVD
NVD
added 2014/10/16 7:55 p.m.16 views

CVE-2014-8303

Cross-site scripting XSS vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.4 and 6.0.x before 6.0.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to event parsing...

4.3CVSS5.6AI score0.01351EPSS
Exploits0References2
Cvelist
Cvelist
added 2014/10/16 7:0 p.m.31 views

CVE-2014-8303

Cross-site scripting XSS vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.4 and 6.0.x before 6.0.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to event parsing...

5.6AI score0.01351EPSS
Exploits0References2
Rows per page
Query Builder