Lucene search
+L

127 matches found

debiancve
debiancve
added 2021/07/27 11:33 p.m.38 views

CVE-2021-37595

In FreeRDP before 2.4.0 on Windows, wfcliprdrserverfilecontentsrequest in client/Windows/wfcliprdr.c has missing input checks for a FILECONTENTSRANGE File Contents Request PDU...

9.8CVSS9.6AI score0.01516EPSS
Exploits0
cnvd
cnvd
added 2021/06/21 12:0 a.m.5 views

Microsoft Print 3D PLY Code Execution Vulnerability

Microsoft Print 3D is a 3D modeling tool developed by Microsoft. The Microsoft Print 3D PLY code execution vulnerability is exploited by remote attackers to submit a special file request that induces the user to parse it, which can crash the application or execute arbitrary code in the applicatio...

8.2AI score
Exploits0References1
osv
osv
added 2021/04/23 4:15 p.m.38 views

CVE-2020-36321

Improper URL validation in development mode handler in com.vaadin:flow-server versions 2.0.0 through 2.4.1 Vaadin 14.0.0 through 14.4.2, and 3.0 prior to 5.0 Vaadin 15 prior to 18 allows attacker to request arbitrary files stored outside of intended frontend resources folder...

7.5CVSS6.5AI score0.01211EPSS
Exploits0References2
cnvd
cnvd
added 2020/12/21 12:0 a.m.1 views

Foxit Reader Out-of-Bounds Write Vulnerability

Foxit Reader is a PDF document reader. Foxit Reader suffers from an out-of-bounds write vulnerability that can be exploited by a remote attacker to submit a special file request, which can be tricked into parsing, crashing the application or executing arbitrary code in the application context...

7.8CVSS7.7AI score0.03554EPSS
Exploits0References1
cnvd
cnvd
added 2020/12/15 12:0 a.m.6 views

Foxit Reader Memory Misreference Vulnerability (CNVD-2021-26395)

Foxit Reader is a PDF document reader. A memory misreference vulnerability exists in Foxit Reader, which allows remote attackers to submit a special file request that can be exploited to trick the user into parsing it, which can crash the application or execute arbitrary code in the application...

8.8CVSS7.6AI score0.66678EPSS
Exploits1References1
cnnvd
cnnvd
added 2020/12/09 12:0 a.m.7 views

Foxit Reader 资源管理错误漏洞

Foxit Reader is a PDF document reader. A memory misreference vulnerability exists in Foxit Reader, which allows remote attackers to submit a special file request that can be exploited to trick the user into parsing it, which can crash the application or execute arbitrary code in the application...

8.8CVSS7.7AI score0.71145EPSS
Exploits1References2
cnvd
cnvd
added 2020/02/04 12:0 a.m.1 views

libyang yyparse() memory misreference vulnerability (CNVD-2020-10246)

libyang is a data modeling language library. A memory misreference vulnerability exists in libyang yyparse, which can be exploited by an attacker to submit a special file request and trick the user into parsing it, which can be used to conduct a denial of service attack or execute arbitrary code...

8.8CVSS7.3AI score0.02488EPSS
Exploits0References1
cnvd
cnvd
added 2020/02/04 12:0 a.m.3 views

libyang lys_extension_instances_free() memory misreference vulnerability

libyang is a data modeling language library. A memory misreference vulnerability exists in libyang lysextensioninstancesfree, which can be exploited by an attacker to submit a special file request and trick the user into parsing it, which can be used in a denial of service attack...

6.5CVSS6.8AI score0.01818EPSS
Exploits1References1
cnvd
cnvd
added 2019/05/08 12:0 a.m.1 views

Wecon PIStudio HSC File Parsing Out-of-Bounds Write Code Execution Vulnerability

Wecon PIStudio is an HMI software. An out-of-bounds write code execution vulnerability exists in Wecon PIStudio HSC file parsing, which allows remote attackers to exploit the vulnerability by submitting a special file request and tricking the user into parsing it, which can crash the application ...

8.3AI score
Exploits0References1
cnvd
cnvd
added 2018/11/15 12:0 a.m.4 views

Adobe Photoshop CC Remote Information Disclosure Vulnerability

Adobe Photoshop CC is the latest set of image processing and drawing software. A remote information disclosure vulnerability exists in Adobe Photoshop CC, which allows remote attackers to exploit the vulnerability by submitting a special file request and tricking the user into parsing it, which...

7.5CVSS7.1AI score0.07879EPSS
Exploits0References1
cnvd
cnvd
added 2018/11/15 12:0 a.m.22 views

Adobe Flash Player Remote Information Disclosure Vulnerability

Adobe Flash Player is a cross-platform, browser-based multimedia player product. A remote information disclosure vulnerability exists in Adobe Flash Player, which allows remote attackers to exploit the vulnerability by submitting a special file request and tricking the user into parsing it, which...

7.5CVSS7.2AI score0.0743EPSS
Exploits0References1
cnvd
cnvd
added 2018/06/27 12:0 a.m.4 views

Natus Xltek NeuroWorks Buffer Overflow Vulnerability (CNVD-2018-12133)

Natus Xltek NeuroWorks is a suite of versatile software platforms for EEG testing, long-term monitoring, ICU monitoring and sleep studies from Natus Medical, USA. A buffer overflow vulnerability exists in the RequestForPatientInfoEEGfile feature in Natus Xltek NeuroWorks version 8. A remote...

10CVSS9.6AI score0.03436EPSS
Exploits0References1
cnvd
cnvd
added 2018/04/27 12:0 a.m.5 views

Vaultize Enterprise File Sharing Cross-Site Scripting Vulnerability

Vaultize Enterprise File Sharing is an enterprise file sharing solution from Vaultize Technologies, USA. The solution includes features such as data retention management, versioning, secure data handling, data backup and recovery. A cross-site scripting vulnerability exists in Vaultize Enterprise...

5.4CVSS6AI score0.00624EPSS
Exploits0References1
nvd
nvd
added 2018/04/25 6:29 p.m.17 views

CVE-2018-10206

An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. There is Stored XSS via the optional message field of a file request...

5.4CVSS5.2AI score0.00624EPSS
Exploits0References2
osv
osv
added 2018/04/25 6:29 p.m.6 views

CVE-2018-10206

An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. There is Stored XSS via the optional message field of a file request...

5.4CVSS5.8AI score0.00624EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2018/04/25 12:0 a.m.7 views

PT-2018-9752 · Vaultize · Vaultize Enterprise File Sharing

Name of the Vulnerable Software and Affected Versions: Vaultize Enterprise File Sharing version 17.05.31 Description: An issue was discovered that allows for Stored XSS via the optional message field of a file request. Recommendations: For Vaultize Enterprise File Sharing version 17.05.31, consid...

5.4CVSS5.2AI score0.00624EPSS
Exploits0References4
cnvd
cnvd
added 2018/04/11 12:0 a.m.6 views

Monstra CMS Remote Code Execution Vulnerability

Monstra CMS is a lightweight PHP-based content management system CMS developed by Ukrainian software developer Sergey Romanenko. The system is easy to install and use, scalable and so on. A security vulnerability exists in Monstra CMS version 3.0.4. The vulnerability can be exploited by a remote...

8.8CVSS7.4AI score0.02919EPSS
Exploits5References1
cnvd
cnvd
added 2018/03/02 12:0 a.m.51 views

Leptonica pixHtmlViewer prog/htmlviewer.c memory access vulnerability

Leptonica is an open source image processing and image analysis library. A security vulnerability in Leptonica pixHtmlViewer prog/htmlviewer.c allows remote attackers to exploit the vulnerability by submitting a special file request that induces the user to parse it, which can crash the applicati...

9.8CVSS7.4AI score0.02491EPSS
Exploits0References1
osv
osv
added 2018/01/16 12:0 a.m.3 views

UBUNTU-CVE-2018-5712

An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file...

6.1CVSS6.9AI score0.79949EPSS
Exploits0References7
osv
osv
added 2017/12/30 4:29 a.m.3 views

CVE-2017-17993

Biometric Shift Employee Management System has XSS via the amount parameter in an index.php?user=additiondeduction request...

5.4CVSS5.8AI score0.00542EPSS
Exploits1References1
Rows per page
Query Builder