Lucene search
+L

11 matches found

cve
cve
added 2026/06/30 9:6 p.m.20 views

CVE-2026-58448

CVE-2026-58448 affects yudao-cloud (BPM module) prior to 2026.06. A broken access control flaw allows any authenticated user to read arbitrary process instance records by supplying a caller-controlled process-instance identifier to an unprotected GET endpoint that lacks the @PreAuthorize annotati...

7.1CVSS5.9AI score0.00235EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/06/30 12:0 a.m.10 views

PT-2026-53997

Name of the Vulnerable Software and Affected Versions yudao-cloud versions prior to 2026.06 Description A broken access control issue exists in the BPM module. An authenticated user can access arbitrary process instance records by providing a caller-controlled process-instance identifier to an...

7.1CVSS6AI score0.00235EPSS
Exploits0References8
vulnrichment
vulnrichment
added 2024/06/13 7:40 p.m.16 views

CVE-2024-5950 Deep Sea Electronics DSE855 Multipart Value Handling Stack-Based Buffer Overflow Remote Code Execution Vulnerability

Deep Sea Electronics DSE855 Multipart Value Handling Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to...

8.8CVSS7.8AI score0.01118EPSS
Exploits0References1
cvelist
cvelist
added 2024/06/13 7:40 p.m.37 views

CVE-2024-5950 Deep Sea Electronics DSE855 Multipart Value Handling Stack-Based Buffer Overflow Remote Code Execution Vulnerability

Deep Sea Electronics DSE855 Multipart Value Handling Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to...

8.8CVSS0.01118EPSS
Exploits0References1
cve
cve
added 2024/06/13 7:40 p.m.50 views

CVE-2024-5950

CVE-2024-5950 affects Deep Sea Electronics DSE855 devices. The root cause is improper validation of the length of user-supplied data in multipart form handling, copying into a fixed-length stack-based buffer, leading to a stack-based buffer overflow and remote code execution. Exploitation is poss...

8.8CVSS9.1AI score0.01118EPSS
Exploits0References1Affected Software1
zdi
zdi
added 2024/06/13 12:0 a.m.21 views

(0Day) Deep Sea Electronics DSE855 Multipart Value Handling Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of multipart form variables. The issue result...

8.8CVSS7.2AI score0.01118EPSS
Exploits0
susecve
susecve
added 2023/02/15 4:43 a.m.4 views

SUSE CVE-2017-11142

In PHP before 5.6.31, 7.x before 7.0.17, and 7.1.x before 7.1.3, remote attackers could cause a CPU consumption denial of service attack by injecting long form variables, related to main/phpvariables.c...

5.3CVSS9.1AI score0.08255EPSS
Exploits0References5
openvas
openvas
added 2017/07/13 12:0 a.m.54 views

PHP < 5.6.31, 7.x < 7.0.17, 7.1.x < 7.1.3 DoS Vulnerability (Jul 2017) - Linux

PHP is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

7.8CVSS8AI score0.08255EPSS
Exploits0References2
osv
osv
added 2017/07/10 2:29 p.m.3 views

UBUNTU-CVE-2017-11142

In PHP before 5.6.31, 7.x before 7.0.17, and 7.1.x before 7.1.3, remote attackers could cause a CPU consumption denial of service attack by injecting long form variables, related to main/phpvariables.c...

7.5CVSS6.8AI score0.08255EPSS
Exploits0References5
seebug
seebug
added 2014/07/01 12:0 a.m.18 views

Oatmeal Studios Mail File 1.10 Arbitrary File Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1807/info OatMeal studios' Mail-File is a cgi application that allows for sending of certain files to user-specified email addresses via a web interface. A vulnerability exists in this script that can be used to send the...

7.1AI score
Exploits0
openvas
openvas
added 2010/06/25 12:0 a.m.32 views

Ubuntu Update for cups, cupsys vulnerabilities USN-952-1

Ubuntu Update for Linux kernel vulnerabilities USN-952-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9521.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for cups, cupsys vulnerabilities USN-952-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

6.8CVSS0.2AI score0.06468EPSS
Exploits2References2
Rows per page
Query Builder