Lucene search
K

1079 matches found

Prion
Prion
added 2023/03/31 12:15 p.m.22 views

Code injection

A vulnerability was found in Rockoa 2.3.2. It has been declared as critical. This vulnerability affects unknown code of the file webmainConfig.php of the component Configuration File Handler. The manipulation leads to code injection. The attack can be initiated remotely. The exploit has been...

6.5CVSS9.7AI score0.01636EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2023/03/31 12:0 p.m.64 views

CVE-2023-1773

RockOA Rockoa 2.3.2 is affected by a code injection vulnerability in the Configuration File Handler, specifically the webmainConfig.php file. The underlying issue is unauthorized code execution triggered via the webmainConfig.php component, with remote exploitation possible and public disclosure ...

9.8CVSS8.3AI score0.01636EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2023/03/31 12:0 a.m.7 views

PT-2023-17233 · Rockoa · Rockoa

Name of the Vulnerable Software and Affected Versions: Rockoa version 2.3.2 Description: A critical issue has been found in the Configuration File Handler component, specifically affecting the webmainConfig.php file. This issue leads to code injection and can be initiated remotely. The exploit fo...

9.8CVSS7.5AI score0.01636EPSS
Exploits0References6
OSV
OSV
added 2023/03/22 12:15 p.m.15 views

CVE-2023-1560

A vulnerability, which was classified as problematic, has been found in TinyTIFF 3.0.0.0. This issue affects some unknown processing of the file tinytiffreader.c of the component File Handler. The manipulation leads to buffer overflow. Attacking locally is a requirement. The exploit has been...

5.5CVSS7.2AI score
Exploits0References4
Prion
Prion
added 2023/03/22 12:15 p.m.17 views

Buffer overflow

A vulnerability, which was classified as problematic, has been found in TinyTIFF 3.0.0.0. This issue affects some unknown processing of the file tinytiffreader.c of the component File Handler. The manipulation leads to buffer overflow. Attacking locally is a requirement. The exploit has been...

1.7CVSS5.7AI score0.00414EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/22 11:31 a.m.25 views

CVE-2023-1560 TinyTIFF File tinytiffreader.c buffer overflow

A vulnerability, which was classified as problematic, has been found in TinyTIFF 3.0.0.0. This issue affects some unknown processing of the file tinytiffreader.c of the component File Handler. The manipulation leads to buffer overflow. Attacking locally is a requirement. The exploit has been...

2.8CVSS7AI score0.00414EPSS
Exploits1References4
Cvelist
Cvelist
added 2023/03/22 11:31 a.m.34 views

CVE-2023-1560 TinyTIFF File tinytiffreader.c buffer overflow

A vulnerability, which was classified as problematic, has been found in TinyTIFF 3.0.0.0. This issue affects some unknown processing of the file tinytiffreader.c of the component File Handler. The manipulation leads to buffer overflow. Attacking locally is a requirement. The exploit has been...

2.8CVSS5.9AI score0.00414EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/03/22 12:0 a.m.12 views

TinyTIFF 安全漏洞

TinyTIFF is a lightweight C/C++ library by Jan W. Krieger, a personal developer. It is capable of reading and writing basic TIFF files. A security vulnerability exists in TinyTIFF version 3.0.0.0, which stems from some unknown processing in the file tinytiffreader.c of the component File Handler,...

5.5CVSS5.3AI score0.00414EPSS
Exploits1References5
CNNVD
CNNVD
added 2023/03/13 12:0 a.m.6 views

Online Pizza Ordering System SQL注入漏洞

Online Pizza Ordering System is an online pizza ordering system by Carlo Montero, an individual developer. A SQL injection vulnerability exists in Online Pizza Ordering System version 1.0, which originates from an unknown function in the file category.php in the component GET Parameter Handler,...

7.5CVSS6.7AI score0.00597EPSS
Exploits1References4
NVD
NVD
added 2023/03/06 8:15 a.m.12 views

CVE-2023-1191

A vulnerability classified as problematic has been found in fastcms. This affects an unknown part of the file admin/TemplateController.java of the component ZIP File Handler. The manipulation leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed t...

7.2CVSS5.5AI score0.00908EPSS
Exploits1References4
Prion
Prion
added 2023/03/06 8:15 a.m.19 views

Path traversal

A vulnerability classified as problematic has been found in fastcms. This affects an unknown part of the file admin/TemplateController.java of the component ZIP File Handler. The manipulation leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed t...

5.8CVSS7AI score0.00908EPSS
Exploits1References4
Cvelist
Cvelist
added 2023/03/06 7:21 a.m.21 views

CVE-2023-1191 fastcms ZIP File TemplateController.java path traversal

A vulnerability classified as problematic has been found in fastcms. This affects an unknown part of the file admin/TemplateController.java of the component ZIP File Handler. The manipulation leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed t...

5.8CVSS7.2AI score0.00908EPSS
Exploits1References4
CVE
CVE
added 2023/03/06 7:21 a.m.52 views

CVE-2023-1191

CVE-2023-1191 affects the fastcms ZIP File Handler, specifically the file path admin/TemplateController.java. Multiple connected sources describe a path traversal vulnerability that can be exploited remotely, with public disclosure of exploits. The initial descriptions note that the product does ...

7.2CVSS5.8AI score0.00908EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/03/06 12:0 a.m.6 views

The vulnerability of the Malformed File Handler component in the DOPSoft software, which is used for programming operator panels of Delta Electronics, allows a hacker to execute arbitrary code.

The vulnerability of the Malformed File Handler component in DOPSoft software, which is used for programming operator panels by Delta Electronics, relates to writing beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to execute arbitrary code using a specially...

7.8CVSS7.8AI score0.00241EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/03/06 12:0 a.m.5 views

PT-2023-16811 · Fastcms · Fastcms

Name of the Vulnerable Software and Affected Versions: fastcms affected versions not specified Description: A problematic vulnerability has been found in fastcms, affecting an unknown part of the file admin/TemplateController.java of the component ZIP File Handler. The manipulation leads to path...

7.2CVSS5.1AI score0.00908EPSS
Exploits1References7
Github Security Blog
Github Security Blog
added 2023/02/16 6:41 p.m.37 views

Unwanted access to the entire file system vulnerability due to a missing check in `staticFiles` HTTP handler

Summary Missing check vulnerability in the static file handler allows any client to access the files in the server's file system Details When staticFiles is set in the serve settings in the configuration file, the following handler doesn't check if absolutePath is still under the directory provid...

7.5CVSS0.00336EPSS
Exploits1References5Affected Software2
OSV
OSV
added 2023/02/16 6:37 p.m.18 views

GO-2023-1567 Open redirect in github.com/caddyserver/caddy/v2

Due to improper request sanitization, a crafted URL can cause the static file handler to redirect to an attacker chosen URL, allowing for open redirect attacks...

6.1CVSS6.1AI score0.01431EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:24 a.m.3 views

SUSE CVE-2014-9810

The dpx file handler in ImageMagick allows remote attackers to cause a denial of service segmentation fault and application crash via a malformed dpx file...

5.5CVSS6.7AI score0.01416EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2023/02/15 4:29 a.m.4 views

SUSE CVE-2018-7729

An issue was discovered in Exempi through 2.4.4. There is a stack-based buffer over-read in the PostScriptMetaHandler::ParsePSFile function in XMPFiles/source/FileHandlers/PostScriptHandler.cpp...

3.3CVSS7.3AI score0.01273EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:49 a.m.3 views

SUSE CVE-2021-3401

Bitcoin Core before 0.19.0 might allow remote attackers to execute arbitrary code when another application unsafely passes the -platformpluginpath argument to the bitcoin-qt program, as demonstrated by an x-scheme-handler/bitcoin handler for a .desktop file or a web browser. NOTE: the discoverer...

9.8CVSS9.7AI score0.10478EPSS
Exploits0References3
Rows per page
Query Builder