
864 matches found

OSV
added 2023/05/27 9:15 a.m. · 10 views

CVE-2023-2926

A vulnerability was found in SeaCMS 11.6 and classified as problematic. This issue affects some unknown processing of the file member.php of the component Picture Upload Handler. The manipulation of the argument oldpic leads to denial of service. The attack may be initiated remotely. The exploit...

CVSS 6.5 · AI score 7
Exploits: 0 · References: 3
Cvelist
added 2023/05/08 12:0 a.m. · 13 views

CVE-2023-27946

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution...

AI score 8.3 · EPSS 0.00199
Exploits: 0 · References: 4
NVD
added 2023/05/04 5:15 p.m. · 9 views

CVE-2023-2520

A vulnerability was found in Caton Prime 2.1.2.51.e8d7225049202303031001 and classified as critical. This issue affects some unknown processing of the file cgi-bin/toolsping.cgi?action=Command of the component Ping Handler. The manipulation of the argument Destination leads to command injection...

CVSS 9.8 · AI score 9.5 · EPSS 0.01658
Exploits: 0 · References: 3
Prion
added 2023/04/28 1:15 p.m. · 12 views

SQL injection

A vulnerability was found in SourceCodester Faculty Evaluation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file admin/managerestriction.php. The manipulation of the argument id leads to SQL injection. The attack may be initiated remotely. The explo...

CVSS 5.8 · AI score 9.7 · EPSS 0.00311
Exploits: 1 · References: 3 · Affected Software: 1
BDU FSTEC
added 2023/04/26 12:0 a.m. · 1 views

The vulnerability of the PEMReadBioEx() function in the OpenSSL cryptographic library, which allows a hacker to trigger a denial-of-service attack

The vulnerability of the PEMReadbioex function in the OpenSSL cryptographic library is related to the repeated memory release during the processing of PEM files. Exploiting this vulnerability could allow a malicious actor to cause service interruptions using a specially created PEM file...

CVSS 7.8 · AI score 7 · EPSS 0.88334
Exploits: 0 · References: 14 · Affected Software: 23
NVD
added 2023/04/21 10:15 a.m. · 8 views

CVE-2023-2214

A vulnerability was found in Campcodes Coffee Shop POS System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/sales/managesale.php. The manipulation of the argument id leads to SQL injection. The attack may be initiated remotely. The exploit has...

CVSS 7.5 · AI score 6.9 · EPSS 0.0027
Exploits: 1 · References: 3
NVD
added 2023/04/15 11:15 a.m. · 10 views

CVE-2023-2095

A vulnerability was found in SourceCodester Vehicle Service Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/maintenance/managecategory.php. The manipulation of the argument id leads to SQL injection. The attack may be initiated...

CVSS 9.8 · AI score 7.4 · EPSS 0.00291
Exploits: 1 · References: 3
NVD
added 2023/04/14 8:15 p.m. · 9 views

CVE-2023-2077

A vulnerability, which was classified as problematic, has been found in Campcodes Online Traffic Offense Management System 1.0. This issue affects some unknown processing of the file /admin/offenses/viewdetails.php. The manipulation of the argument id leads to cross-site scripting. The attack may...

CVSS 6.1 · AI score 4.5 · EPSS 0.0025
Exploits: 1 · References: 3
Prion
added 2023/04/14 8:15 p.m. · 12 views

Cross-site scripting

A vulnerability, which was classified as problematic, has been found in Campcodes Online Traffic Offense Management System 1.0. This issue affects some unknown processing of the file /admin/offenses/viewdetails.php. The manipulation of the argument id leads to cross-site scripting. The attack may...

CVSS 4 · AI score 6 · EPSS 0.0025
Exploits: 1 · References: 3 · Affected Software: 1
OSV
added 2023/04/14 8:15 a.m. · 12 views

CVE-2023-2039

A vulnerability was found in novel-plus 3.6.2. It has been rated as critical. This issue affects some unknown processing of the file /author/list?limit=10&offset=0&order=desc. The manipulation of the argument sort leads to SQL injection. The attack may be initiated remotely. The exploit has been...

CVSS 8.8 · AI score 7.4
Exploits: 0 · References: 3
Prion
added 2023/04/14 8:15 a.m. · 15 views

SQL injection

A vulnerability was found in novel-plus 3.6.2. It has been rated as critical. This issue affects some unknown processing of the file /author/list?limit=10&offset=0&order=desc. The manipulation of the argument sort leads to SQL injection. The attack may be initiated remotely. The exploit has been...

CVSS 6.5 · AI score 8.9 · EPSS 0.00346
Exploits: 1 · References: 3 · Affected Software: 1
Redos
added 2023/04/11 12:0 a.m. · 58 views

ROS-20230411-01

The CairoSVG SVG converter vulnerability is related to insufficient validation of user input during SVG file processing. Exploitation of the vulnerability could allow a remote attacker to access sensitive data located on a local network or send malicious requests to other servers from...

CVSS 9.9 · AI score 6.6 · EPSS 0.00086
Exploits: 0
SUSE CVE
added 2023/03/31 1:59 a.m. · 2 views

SUSE CVE-2021-33642

When a file is processed, an infinite loop occurs in nextinline of the morecurly function...

CVSS 5.5 · AI score 7 · EPSS 0.00113
Exploits: 0 · References: 3
RedhatCVE
added 2023/03/30 12:58 p.m. · 23 views

CVE-2021-33642

When a file is processed, an infinite loop occurs in nextinline of the morecurly function...

CVSS 5.5 · AI score 8.4 · EPSS 0.00113
Exploits: 0 · References: 3
Vulnrichment
added 2023/03/29 12:0 a.m. · 4 views

CVE-2022-2561

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OPC Labs QuickOPC 2022.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS 7.8 · AI score 6.9 · EPSS 0.00754
Exploits: 0 · References: 2
BDU FSTEC
added 2023/03/24 12:0 a.m. · 1 views

A vulnerability in the Adobe Dimension 3D design software, related to the use of memory after it is freed, which allows a malicious actor to execute arbitrary code

The vulnerability of Adobe Dimension’s 3D design software relates to the use of memory after it is freed during the processing of USD files. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created malicious file...

CVSS 7.8 · AI score 7.6 · EPSS 0.00234
Exploits: 0 · References: 4 · Affected Software: 1
Debian CVE
added 2023/03/20 3:23 p.m. · 31 views

CVE-2023-27586

CairoSVG is an SVG converter based on Cairo, a 2D graphics library. Prior to version 2.7.0, Cairo can send requests to external hosts when processing SVG files. A malicious actor could send a specially crafted SVG file that allows them to perform a server-side request forgery or denial of service...

CVSS 9.9 · AI score 8.2 · EPSS 0.00086
Exploits: 0
Positive Technologies
added 2023/03/14 12:0 a.m. · 2 views

PT-2023-1926 · Adobe · Dimension

Name of the Vulnerable Software and Affected Versions: Adobe Dimension versions 3.4.7 and earlier

Description: The issue is related to an out-of-bounds write vulnerability in Adobe Dimension when processing OBJ files. This can allow an attacker to execute arbitrary code with the help of a special...

CVSS 7.8 · AI score 7.8 · EPSS 0.00097
Exploits: 0 · References: 7
Prion
added 2023/03/05 8:15 p.m. · 17 views

Design/Logic Flaw

A vulnerability was found in ualbertalib NEOSDiscovery 1.0.70 and classified as problematic. This issue affects some unknown processing of the file app/views/bookmarks/refworks.html.erb. The manipulation leads to use of web link to untrusted target with window.opener access. The attack may be...

CVSS 5.8 · AI score 6.4 · EPSS 0.00272
Exploits: 0 · References: 5 · Affected Software: 1
SUSE CVE
added 2023/02/15 4:49 a.m. · 3 views

SUSE CVE-2017-5651

In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connectors introduced a regression in the send file processing. If the send file processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could result in t...

CVSS 9.8 · AI score 9.5 · EPSS 0.06144
Exploits: 0 · References: 3