865 matches found
Cross-site request forgery (CSRF)
A vulnerability was found in Uniway UW-302VP 2.0. It has been rated as problematic. This issue affects some unknown processing of the file /boaform/wlanbasicset.cgi of the component Admin Web Interface. The manipulation of the argument wlanssid/password leads to cross-site request forgery. The...
SQL injection
A vulnerability was found in Tongda OA 2017 up to 11.9 and classified as critical. This issue affects some unknown processing of the file general/wiki/cp/ct/view.php. The manipulation of the argument TEMPID leads to SQL injection. The attack may be initiated remotely. The exploit has been disclos...
CVE-2023-6905
The CVE-2023-6905 entry affects Jahastech NxFilter 4.3.2.5, specifically the Bind Request Handler’s file processing of user,adap.jsp?actionFlag=test&id=1, which enables LDAP injection. Exploitation can be remote and does not require user interaction. The issue is caused by improper handling withi...
CVE-2023-42907
Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution...
CVE-2023-42908
Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution...
Memory corruption
Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution...
The vulnerability of the CNCSoft-B software and DOPSoft software lies in the possibility of an operation being executed outside the buffer boundaries in memory, allowing a hacker to execute arbitrary code.
The vulnerability of CNCSoft-B and DOPSoft software lies in the execution of operations beyond the buffer limits in memory when processing DPA files. Exploiting this vulnerability allows an attacker to execute arbitrary code by opening a specially created malicious file or a specially created...
The vulnerability of the Microsoft Office software package, related to insufficient validation of input data, allows a hacker to execute arbitrary code.
The vulnerability of the Microsoft Office package is related to insufficient validation of input data during the processing of FBX files. Exploiting this vulnerability allows an attacker to execute arbitrary code...
CVE-2023-6188
A vulnerability was found in GetSimpleCMS 3.3.16/3.4.0a. It has been rated as critical. This issue affects some unknown processing of the file /admin/theme-edit.php. The manipulation leads to code injection. The attack may be initiated remotely. The exploit has been disclosed to the public and ma...
The vulnerability of the H5O_dtypeDecodeHelper() function in the H5Odtype.c component of the HDF5 processing library allows an attacker to cause a service failure.
The vulnerability of the H5OdtypeDecodeHelper function in the H5Odtype.c component of the HDF5 file processing library is related to the failure to release resources after their useful lifespan has ended. Exploiting this vulnerability could allow an attacker to cause service interruptions by using a...
SQL injection
A vulnerability, which was classified as critical, has been found in Campcodes Simple Student Information System 1.0. This issue affects some unknown processing of the file /classes/Master.php. The manipulation of the argument f leads to SQL injection. The exploit has been disclosed to the public...
CVE-2023-5910
A vulnerability was found in PopojiCMS 2.0.1 and classified as problematic. This issue affects some unknown processing of the file install.php of the component Web Config. The manipulation of the argument Site Title with the input alert1 leads to cross site scripting. The attack may be initiated...
CVE-2023-42856
The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. Processing a file may lead to unexpected app termination or arbitrary code execution...
CVE-2023-45663
stb_image is a single-file MIT-licensed library for processing images. The stbi__getn function reads a specified number of bytes from context (typically a file) into the specified buffer. In case the file stream points to the end, it returns zero. There are two places where its return value is not...