64 matches found
CVE-2026-6841
Request Tracker is vulnerable to a reflected cross-site scripting XSS vulnerability via the "Page" parameter in GET requests. An attacker can craft a URL that, when opened, results in arbitrary JavaScript execution in the victim’s browser. This vulnerability affects versions from 5.0.4 up to 5.0....
PT-2026-42461
Name of the Vulnerable Software and Affected Versions Request Tracker versions 5.0.4 through 5.0.9 Request Tracker versions 6.0.0 through 6.0.2 Description Reflected cross-site scripting XSS occurs via the Page parameter in GET requests. This allows an attacker to craft a URL that executes...
CVE-2026-35215
CVE-2026-35215 – Firebird DoS via crafted slice packet Firebird, an open-source RDBMS, has a vulnerability in the sdl_desc() function across affected series prior to 5.0.4, 4.0.7, and 3.0.14. The function does not validate the length of a decoded SDL descriptor from a slice packet; a zero-length ...
Firebird 安全漏洞
Firebird is a set of open-source, cross-platform relational database management systems provided by the Firebird Foundation, which include multiple ANSI SQL-92 functions. Vulnerabilities exist in versions prior to Firebird 5.0.4, 4.0.7, and 3.0.14. These vulnerabilities stem from the assumption...
CVE-2024-32537 WordPress Flash Video Player plugin <= 5.0.4 - CSRF to XSS vulnerability
Cross-Site request forgery CSRF vulnerability in joshuae1974 Flash Video Player allows Cross Site Request Forgery.This issue affects Flash Video Player: from n/a through 5.0.4...
CVE-2024-32537
Cross-Site request forgery CSRF vulnerability in joshuae1974 Flash Video Player allows Cross Site Request Forgery.This issue affects Flash Video Player: from n/a through 5.0.4...
CVE-2025-52870
A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 2026/01/20 and...
CVE-2025-57711
An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of...
CVE-2025-48722
A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4...
CVE-2025-57710
An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of...
CVE-2025-54146
A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4...
CVE-2025-53598
A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4...
CVE-2025-52868
A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 2026/01/20 and...
CVE-2025-30276
An out-of-bounds write vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify or corrupt memory. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 2026/01/20 and la...
CVE-2025-47209
CVE-2025-47209 : A NULL pointer dereference affects Qsync Central . If a remote attacker gains a user account , they can trigger a DoS . The issue is fixed in Qsync Central 5.0.0.4 (2026-01-20) and later; CVSS-like metrics indicate low privileges and network access with no user interaction. Explo...
CVE-2025-48723
A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 2026/01/20 and...
CVE-2025-52869
A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 2026/01/20 and...
CVE-2025-52870 Qsync Central
A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 2026/01/20 and...
CVE-2025-52870
CVE-2025-52870 is a buffer‑overflow vulnerability in Qsync Central. The issue allows a remote attacker who has a user account to exploit memory corruption or crash processes. Public details identify the affected software as Qsync Central, with the root cause described as a buffer overflow. remedi...
CVE-2025-54146
A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4...