32 matches found
EUVD-2023-41134
Malicious code in bioql PyPI...
CVE-2019-17667
Comtech H8 Heights Remote Gateway 2.5.1 devices allow XSS and HTML injection via the Site Name (aka SiteName) field...
CometBFT security vulnerability
CometBFT is a Byzantine Fault Tolerant (BFT) middleware open-sourced by CometBFT that employs state-transition machines written in any programming language and can be replicated securely on many machines. CometBFT suffers from a security vulnerability that stems from a failure to check for...
PT-2025-5350
Name of the Vulnerable Software and Affected Versions: CometBFT versions prior to 0.38.17; CometBFT versions prior to 1.0.1. Description: CometBFT is a distributed, Byzantine fault-tolerant, deterministic state machine replication engine. In the blocksync protocol, peers send their base and latest...
maverickheights.com Cross Site Scripting vulnerability OBB-3638111
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2023-37214
Heights Telecom ERO1xS-Pro Dual-Band FW version BZ_ERO1XP.025...
CVE-2023-37214
CVE-2023-37214 concerns Heights Telecom ERO1xS-Pro Dual-Band FW version BZ_ERO1XP.025. CNNVD reports a command injection vulnerability in this device/firmware. Connected documents provide limited technical detail: no explicit root cause, vulnerable component, exploit details, or CVSS data beyond...
CVE-2023-37214 Heights Telecom ERO1xS-Pro Dual-Band WiFi command injection
Heights Telecom ERO1xS-Pro Dual-Band FW version BZ_ERO1XP.025...
Heights Telecom ERO1xS-Pro command injection vulnerability
Heights Telecom ERO1xS-Pro is a Dual-Band WiFi6 AX5400 MESH Extender from Heights Telecom. A security vulnerability exists in Heights Telecom ERO1xS-Pro Dual-Band FW version BZ_ERO1XP.025, which stems from the presence of a command injection vulnerability...
PT-2023-25832 · Heights Telecom · Heights Telecom Ero1Xs-Pro Dual-Band
Name of the Vulnerable Software and Affected Versions: Heights Telecom ERO1xS-Pro Dual-Band FW version BZ_ERO1XP.025. Description: The issue affects Heights Telecom ERO1xS-Pro Dual-Band devices. No information is provided about the estimated number of potentially affected devices worldwide or...
gemheights.in Cross Site Scripting vulnerability OBB-3459333
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
SUSE CVE-2017-17081
The gmc_mmx function in libavcodec/x86/mpegvideodsp.c in FFmpeg 2.3 and 3.4 does not properly validate widths and heights, which allows remote attackers to cause a denial of service (integer signedness error and out-of-array read) via a crafted MPEG file...
armandheights.com Improper Access Control vulnerability OBB-2275382
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
EulerOS 2.0 SP3 : poppler (EulerOS-SA-2021-1112)
According to the versions of the poppler packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. It can, for example, be triggered by...
February 10, 2015 update for SharePoint Server 2010 (KB2899589)
February 10, 2015 update for SharePoint Server 2010 (KB2899589). This article describes update KB2899589 for Microsoft SharePoint Server 2010 that was released on February 10, 2015. This update has a prerequisite. Improvements and Fixes: Fixes the following issue: Assume that you open an Excel workbo...
Cross site scripting
Comtech H8 Heights Remote Gateway 2.5.1 devices allow XSS and HTML injection via the Site Name (aka SiteName) field...
CVE-2019-17667
Summary of CVE-2019-17667: Affected product is the Comtech H8 Heights Remote Gateway, version 2.5.1. The cited issue is an XSS/HTML injection vulnerability exposed through the SiteName field. The connected PT-2019-15246 entry confirms the affected software/versions and provides a concrete remedi...