40 matches found

Positive Technologies
added 2023/03/18 12:0 a.m. · 3 views

PT-2023-17030 · Max Secure · Max Secure Anti Virus Plus

Name of the Vulnerable Software and Affected Versions: Max Secure Anti Virus Plus version 19.0.2.1 Description: A problem was found in the function 0x220019 in the library MaxProctetor64.sys of the component IoControlCode Handler. This issue leads to denial of service and can be launched on the...

CVSS 5.5 · AI score 6.9 · EPSS 0.00101
Exploits 1 · References 7
OSV
added 2022/11/21 6:15 p.m. · 1 views

CVE-2022-44172

Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function R7WebsSecurityHandler...

CVSS 9.8 · AI score 5.8 · EPSS 0.00459
Exploits 0 · References 1
OSV
added 2022/10/24 2:15 p.m. · 1 views

CVE-2021-26730

A stack-based buffer overflow vulnerability in a subfunction of the Login_handler_func function of spx_restservice allows an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...

CVSS 9.8 · AI score 6.4 · EPSS 0.01373
Exploits 0 · References 2
OSV
added 2022/10/24 2:15 p.m. · 1 views

CVE-2021-26727

Multiple command injections and stack-based buffer overflows vulnerabilities in the SubNethandlerfunc function of spx_restservice allow an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10...

CVSS 9.8 · AI score 6.4 · EPSS 0.08129
Exploits 0 · References 2
Vulnrichment
added 2022/10/24 12:0 a.m. · 6 views

CVE-2021-26730 spx_restservice Login_handler_func Subfunction Stack-Based Buffer Overflow

A stack-based buffer overflow vulnerability in a subfunction of the Login_handler_func function of spx_restservice allows an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...

CVSS 10 · AI score 9.8 · EPSS 0.01373
Exploits 0 · References 2
CNNVD
added 2022/10/24 12:0 a.m. · 1 views

Lanner IAC-AST2500A Security Vulnerability

The Lanner IAC-AST2500A is a module and accelerator card from Lanner. It is suitable for Lanner network devices to support remote management and monitoring of system operation based on the IPMI standard. A security vulnerability exists in the Lanner IAC-AST2500A standard firmware version 1.00.0,...

CVSS 6.5 · AI score 5.9 · EPSS 0.00125
Exploits 0 · References 5
Veracode
added 2022/10/10 6:55 p.m. · 19 views

Prototype Pollution

chromium,bullseye and chromium,sid is vulnerable to prototype pollution. The vulnerability exists in the handler function which could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload...

CVSS 6.5 · AI score 7.2 · EPSS 0.00168
Exploits 1 · References 3 · Affected Software 1
Veracode
added 2022/03/22 6:1 a.m. · 22 views

Prototype Pollution

bodymen is vulnerable to prototype pollution. The vulnerability exists in handler function in index.js because the properties of Object.prototype are not properly handled which allows an attacker to inject properties into existing construct prototypes and modify attributes sending a __proto__ payload...

CVSS 7.3 · AI score 3.4 · EPSS 0.00273
Exploits 1 · References 2 · Affected Software 1
Github Security Blog
added 2022/03/18 12:1 a.m. · 32 views

Prototype Pollution in bodymen

The package bodymen from 0.0.0 are vulnerable to Prototype Pollution via the handler function which could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload. Note: This vulnerability derives from an incomplete fix to CVE-2019-10792...

CVSS 7.5 · AI score 2.8 · EPSS 0.00273
Exploits 1 · References 3 · Affected Software 1
OSV
added 2022/03/18 12:1 a.m. · 20 views

GHSA-VHXC-FHM5-QCP9 Prototype Pollution in bodymen

The package bodymen from 0.0.0 are vulnerable to Prototype Pollution via the handler function which could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload. Note: This vulnerability derives from an incomplete fix to CVE-2019-10792...

CVSS 6.3 · AI score 6.4 · EPSS 0.00273
Exploits 1 · References 3
OSV
added 2022/03/17 12:15 p.m. · 1 views

CVE-2022-25296

The package bodymen from 0.0.0 are vulnerable to Prototype Pollution via the handler function which could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload. Note: This vulnerability derives from an incomplete fix to CVE-2019-10792...

CVSS 7.3 · AI score 6.7
Exploits 0 · References 1
Prion
added 2022/03/17 12:15 p.m. · 8 views

Design/Logic Flaw

The package bodymen from 0.0.0 are vulnerable to Prototype Pollution via the handler function which could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload. Note: This vulnerability derives from an incomplete fix to CVE-2019-10792...

CVSS 7.5 · AI score 6.4 · EPSS 0.0034
Exploits 2 · References 1 · Affected Software 1
CVE
added 2022/03/17 11:20 a.m. · 56 views

CVE-2022-25296

The CVE-2022-25296 entry concerns the npm package bodymen. Multiple trusted sources (GHSA and OSV entries) describe a Prototype Pollution flaw in bodymen, where the handler can be tricked into adding or modifying properties on Object.prototype via a __proto__ payload. The vulnerability is tied to an ...

CVSS 7.5 · AI score 6.4 · EPSS 0.00273
Exploits 1 · References 1 · Affected Software 1
Github Security Blog
added 2021/04/13 3:24 p.m. · 34 views

Injection in bodymen

bodymen before 1.1.1 is vulnerable to Prototype Pollution. The handler function could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload...

CVSS 6.5 · AI score 2.3 · EPSS 0.0034
Exploits 1 · References 4 · Affected Software 1
Veracode
added 2020/02/19 6:25 a.m. · 15 views

Prototype Pollution

bodymen is vulnerable to prototype pollution. The vulnerability exists as the handler function accepts a __proto__ payload, allowing the adding or modifying properties of Object.prototype...

CVSS 6.3 · AI score 2.7 · EPSS 0.0034
Exploits 1 · References 2 · Affected Software 1
Prion
added 2020/02/18 4:15 p.m. · 10 views

Design/Logic Flaw

bodymen before 1.1.1 is vulnerable to Prototype Pollution. The handler function could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload...

CVSS 6.5 · AI score 6.5 · EPSS 0.0034
Exploits 1 · References 2 · Affected Software 1
securityvulns
added 2014/12/29 12:0 a.m. · 63 views

Reflecting XSS Vulnerability in CMS Contenido 4.9.x-4.9.5

Advisory: Reflecting XSS Vulnerability in CMS Contenido 4.9.x-4.9.5 Advisory ID: SROEADV-2014-03 Author: Steffen Rösemann Affected Software: CMS Contenido 4.9.x-4.9.5 Release: 10th Dec 2014 Vendor URL: http://www.contenido.org/de/ Vendor Status: fixed CVE-ID: - ==========================...

AI score 6.1
Exploits 0
seebug.org
added 2014/07/01 12:0 a.m. · 11 views

CrystalFTP Pro 2.8 - Remote Buffer Overflow Exploit

No description provided by source. / CrystalFTP Pro v2.8 Buffer Overflow Exploit 04/25/2005 despite the fact that nobody uses CrystalFTP i had to release a new version that replaces the first one. this overwrites the structured exception handler with a pop edx pop eax ret in kernel32.dll. this...

AI score 7.1
Exploits 0
OpenVAS
added 2009/04/09 12:0 a.m. · 36 views

Mandriva Update for xorg-x11 MDKSA-2007:079 (xorg-x11)

Check for the Version of xorg-x11 OpenVAS Vulnerability Test Mandriva Update for xorg-x11 MDKSA-2007:079 xorg-x11 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

CVSS 9.3 · AI score 0.2 · EPSS 0.08011
Exploits 0 · References 2
Zero Day Initiative
added 2007/01/11 12:0 a.m. · 43 views

CA BrightStor ARCserve Backup Tape Engine Code Execution Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Computer Associates BrightStor ARCserve Backup. User interaction is not required to exploit this vulnerability. The specific flaw exists in the handling of RPC requests to the Tape Engine service which...

CVSS 7.5 · AI score 2.3 · EPSS 0.61279
Exploits 1 · References 1