Lucene search
K

64 matches found

CNNVD
CNNVD
added 2024/09/11 12:0 a.m.3 views

Heating Network Wireless Monitoring System SQL注入漏洞

Star Measurement and Control Heating Network Wireless Monitoring System is a heating management system from Star Measurement and Control. A SQL injection vulnerability exists in Heating Network Wireless Monitoring System version 5.6.2, which stems from an operation of the GetDataKindByType functi...

6.5CVSS7AI score0.00388EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/08/18 12:0 a.m.5 views

PT-2024-38688 · Anhui Deshun Intelligent Technology · Jielink+ Jsotc2016

Name of the Vulnerable Software and Affected Versions: Anhui Deshun Intelligent Technology Jieshun JieLink+ JSOTC2016 up to 20240805 Description: A vulnerability has been found in the software, classified as problematic, and affects an unknown functionality of the file...

9.8CVSS5AI score0.00726EPSS
Exploits1References13
CNNVD
CNNVD
added 2024/01/08 12:0 a.m.5 views

iparking SQL Injection Vulnerability

iparking is fhsopensource open source a parking fee management system . iparking 1.5.22.RELEASE version of the SQL injection vulnerability , the vulnerability stems from the function getData SQL injection vulnerability...

9.8CVSS8AI score0.00706EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/12/27 12:0 a.m.10 views

PT-2024-1381

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.10 Description The issue is related to the smb2 get data area len function in the fs/smb/server/smb2misc.c file of the KSMBD file system in the Linux kernel. It is associated with an out-of-bounds access in t...

9.8CVSS8.5AI score0.17442EPSS
Exploits1References109
RedHat Linux
RedHat Linux
added 2023/11/29 12:12 p.m.12 views

python-werkzeug: high resource usage when parsing multipart form data with many fields

A flaw was found in python-werkzeug. Werkzeug is multipart form data parser, that will parse an unlimited number of parts, including file parts. These parts can be a small amount of bytes, but each requires CPU time to parse, and may use more memory as Python data. If a request can be made to an...

7.5CVSS7AI score0.0142EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2023/11/14 12:0 a.m.7 views

The vulnerability in the get_data function of the binutils/nm.c component of the GNU Binutils development environment allows a attacker to cause a service failure.

The vulnerability of the getdata function in the binutils/nm.c component of the GNU Binutils development environment is related to improper memory release before deleting the last reference. Exploiting this vulnerability allows an attacker to cause a service failure...

5.5CVSS5.5AI score0.00275EPSS
Exploits1References8Affected Software3
Positive Technologies
Positive Technologies
added 2023/11/08 12:0 a.m.2 views

PT-2023-35568 · Git +1 · Lcms

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A crash was reported due to an unknown read issue. The crash involves the function cmsIT8GetDataRowColDbl and is related to the file cms cgats fuzzer.c. ...

6.9AI score
Exploits0References2
OSV
OSV
added 2023/08/22 7:16 p.m.4 views

DEBIAN-CVE-2020-19724

A memory consumption issue in getdata function in binutils/nm.c in GNU nm before 2.34 allows attackers to cause a denial of service via crafted command...

5.5CVSS4.8AI score0.00275EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/08/22 12:0 a.m.5 views

GNU Binutils 安全漏洞

GNU Binutils is a set of open source tools for working with binary files such as target files, executables, libraries, etc., mainly used in the areas of compilation, debugging, reverse engineering and so on. A denial of service vulnerability exists in GNU Binutils, which stems from a memory...

5.5CVSS7.3AI score0.00275EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:15 a.m.6 views

SUSE CVE-2006-2200

Stack-based buffer overflow in libmms, as used by a MiMMS 0.0.9 and b xine-lib 1.1.0 and earlier, allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via the 1 sendcommand, 2 stringutf16, 3 getdata, and 4 getmediapacket functions, and possibl...

5.1CVSS8.2AI score0.04262EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:35 a.m.3 views

SUSE CVE-2017-18257

The getdatablock function in fs/f2fs/data.c in the Linux kernel before 4.11 allows local users to cause a denial of service integer overflow and loop via crafted use of the open and fallocate system calls with an FSIOCFIEMAP ioctl...

5.5CVSS6AI score0.00393EPSS
Exploits0References8
CNNVD
CNNVD
added 2022/01/06 12:0 a.m.6 views

BMC Community Track-It! 授权问题漏洞

BMC Community Track-It! is an It helpdesk software from BMC Community USA. It is used for help desks and helpdesks with asset management. An authorization issue vulnerability exists in BMC Community Track-It! that originates in the GetData endpoint. The issue is caused due to a lack of...

6.5CVSS5.8AI score0.00757EPSS
Exploits0References4
OSV
OSV
added 2021/10/13 11:15 p.m.6 views

CVE-2021-40493

Zoho ManageEngine OpManager before 125437 is vulnerable to SQL Injection in the support diagnostics module. This occurs via the pollingObject parameter of the getDataCollectionFailureReason API...

9.8CVSS5.8AI score0.50209EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/04/30 12:0 a.m.7 views

Dell Hybrid Client 信息泄露漏洞

DELL Dell Hybrid Client is a software application from Dell USA Inc. It provides a client computing software with hybrid cloud management capabilities. An information disclosure vulnerability exists in Dell Hybrid Client versions prior to 1.5, which can be exploited by attackers to obtain sensiti...

6.2CVSS5.6AI score0.00235EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2020/10/01 12:0 a.m.4 views

PT-2020-6940 · Gnu +2 · Gnu Nm +2

Name of the Vulnerable Software and Affected Versions: GNU nm versions prior to 2.34 Description: The issue is related to a memory consumption problem in the get data function in binutils/nm.c. This allows attackers to cause a denial of service via crafted commands. The vulnerability is associate...

8.8CVSS6.1AI score0.00698EPSS
Exploits8References48
CNVD
CNVD
added 2018/04/26 12:0 a.m.4 views

Linux kernel denial of service vulnerability (CNVD-2018-10154)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the 'getdatablock' function in the fs/f2fs/data.c file in Linux kernel versions prior to 4.11. A local attacker could exploit this...

5.5CVSS8.5AI score0.00393EPSS
Exploits0References1
Prion
Prion
added 2017/10/27 8:29 p.m.19 views

Design/Logic Flaw

Artica Pandora FMS version 7.0 leaks a full installation pathname via GET data when intercepting the main page's graph requisition. This also implies that general OS information is leaked e.g., a /var/www pathname typically means Linux or UNIX...

4CVSS6.4AI score0.01016EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2017/10/27 8:0 p.m.23 views

CVE-2017-15937

Artica Pandora FMS version 7.0 leaks a full installation pathname via GET data when intercepting the main page's graph requisition. This also implies that general OS information is leaked e.g., a /var/www pathname typically means Linux or UNIX...

6.4AI score0.01016EPSS
Exploits0References1
CNVD
CNVD
added 2017/05/23 12:0 a.m.5 views

Sierra Wireless GX440 weak password storage vulnerability (CNVD-2017-10185)

The Sierra Wireless GX440 is a gateway device from Sierra Wireless Canada. The Sierra Wireless GX440 suffers from a weak password storage vulnerability that can be exploited by a remote attacker to submit a special request and obtain sensitive information...

9.8CVSS7AI score0.01342EPSS
Exploits1References1
0day.today
0day.today
added 2014/10/28 12:0 a.m.29 views

vBulletin 4.x Verify Email Before Registration Plugin - SQL Injection Vulnerability

Exploit for php platform in category web applications Title: vBulletin Verify Email Before Registration Plugin - SQL Injection Date: September 19 2014 Version: Any vBulletin 4.. version which has the plugin installed. Plugin: http://www.vbulletin.org/forum/showthread.php?t=294164 Author: Dave FW/...

7.1AI score
Exploits0
Rows per page
Query Builder