12 matches found
CVE-2025-62526
OpenWrt Project is a Linux operating system targeting embedded devices. Prior to version 24.10.4, ubusd contains a heap buffer overflow in the event registration parsing code. This allows an attacker to modify the head and potentially execute arbitrary code in the context of the ubus daemon. The...
CVE-2025-62526
OpenWrt Project is a Linux operating system targeting embedded devices. Prior to version 24.10.4, ubusd contains a heap buffer overflow in the event registration parsing code. This allows an attacker to modify the head and potentially execute arbitrary code in the context of the ubus daemon. The...
UBUNTU-CVE-2025-62526
OpenWrt Project is a Linux operating system targeting embedded devices. Prior to version 24.10.4, ubusd contains a heap buffer overflow in the event registration parsing code. This allows an attacker to modify the head and potentially execute arbitrary code in the context of the ubus daemon. The...
OpenWrt 安全漏洞
OpenWrt is the OpenWrt open source set of Linux operating systems for embedded devices. A security vulnerability exists in versions prior to OpenWrt 24.10.4 that stems from a heap buffer overflow in the event registration parsing code, which could lead to the execution of arbitrary code and bypas...
PT-2025-43011
Name of the Vulnerable Software and Affected Versions OpenWrt versions prior to 24.10.4 Description OpenWrt Project is a Linux operating system designed for embedded devices. A heap buffer overflow exists in the event registration parsing code within the ubusd daemon. This allows an attacker to...
EUVD-2014-8144
Malware in sbrugna...
CVE-2014-8303
Cross-site scripting XSS vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.4 and 6.0.x before 6.0.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to event parsing...
GO-2022-0952 Incorrect event parsing in github.com/matrix-org/gomatrixserverlib
Power level parsing does not parse the "eventsdefault" key of the m.room.powerlevels event, setting the event default power level to zero in all cases. This can cause events to be improperly accepted or rejected in rooms where the eventdefault power level has been changed...
FreeBSD : dendrite -- Incorrect parsing of the event default power level in event auth (d658042c-1c98-11ed-95f8-901b0e9408dc)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the d658042c-1c98-11ed-95f8-901b0e9408dc advisory. - Dendrite team reports: The power level parsing within gomatrixserverlib was failing to parse the...
Fedora 20 : php-horde-kronolith-4.2.4-1.fc20 (2014-16397)
kronolith 4.2.4 - jan Make access to non-CalDAV remote calendars faster Bug 12379. - jan Continue with further events if parsing of one remote event date fails. - jan Fix JS error in month view with more events today than the maximum threshold. - mjr Fix fatal error when creating or modifying an...
CVE-2014-8303
Cross-site scripting XSS vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.4 and 6.0.x before 6.0.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to event parsing...
CVE-2014-8303
Cross-site scripting XSS vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.4 and 6.0.x before 6.0.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to event parsing...