Lucene search
K

8 matches found

Cvelist
Cvelist
added 2025/12/09 10:44 a.m.18 views

CVE-2025-40830

A vulnerability has been identified in SINEC Security Monitor All versions V4.10.0. The affected application does not have proper authorization checks for the filetransfer feature in ssmctl-client command. This could allow an authenticated, lowly privileged local attacker to read or write to any...

8.4CVSS0.00135EPSS
Exploits0References1
OSV
OSV
added 2025/10/09 9:15 p.m.4 views

CVE-2025-35060

Newforma Info Exchange NIX provides a 'Send a File Transfer' feature that allows a remote, authenticated attacker to upload SVG files that contain JavaScript or other content that may be executed or rendered by a web browser using a mobile user agent...

5.4CVSS5.8AI score0.00196EPSS
Exploits0References2
NVD
NVD
added 2025/10/09 9:15 p.m.6 views

CVE-2025-35060

Newforma Info Exchange NIX provides a 'Send a File Transfer' feature that allows a remote, authenticated attacker to upload SVG files that contain JavaScript or other content that may be executed or rendered by a web browser using a mobile user agent...

5.5CVSS0.00196EPSS
Exploits0References2
CVE
CVE
added 2025/10/09 8:22 p.m.11 views

CVE-2025-35060

CVE-2025-35060 concerns Newforma Info Exchange (NIX): the remote, authenticated attacker can upload SVG files via the Send a File Transfer feature, leading to stored XSS when the SVG content is rendered in a browser (notably with a mobile user agent). Several connected sources corroborate a cross...

5.5CVSS6.4AI score0.00196EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2025/03/11 10:15 a.m.7 views

CVE-2025-27395

A vulnerability has been identified in SCALANCE LPE9403 6GK5998-3GS00-2AC2 All versions V4.0. Affected devices do not properly limit the scope of files accessible through and the privileges of the SFTP functionality. This could allow an authenticated highly-privileged remote attacker to read and...

6.5CVSS5.8AI score0.00609EPSS
Exploits0References1
Prion
Prion
added 2014/09/30 4:55 p.m.23 views

Stack overflow

Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer 0.9.9 and earlier allow remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via a 1 long file or 2 directory name or the 3 FileTime attribute in a...

6.5CVSS7.9AI score0.0783EPSS
Exploits0References17Affected Software5
UbuntuCve
UbuntuCve
added 2014/09/24 12:0 a.m.34 views

CVE-2014-6055

Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer 0.9.9 and earlier allow remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via a 1 long file or 2 directory name or the 3 FileTime attribute in a...

6.5CVSS7.6AI score0.0783EPSS
Exploits0References6
FreeBSD
FreeBSD
added 2014/09/23 12:0 a.m.38 views

libvncserver -- multiple security vulnerabilities

Nicolas Ruff reports: Integer overflow in MallocFrameBuffer on client side. Lack of malloc return value checking on client side. Server crash on a very large ClientCutText message. Server crash when scaling factor is set to zero. Multiple stack overflows in File Transfer feature...

7.5CVSS8.9AI score0.08272EPSS
Exploits1References1
Rows per page
Query Builder