350 matches found
Out-of-bounds
A vulnerability has been identified in Solid Edge SE2023 All versions V223.0 Update 7. The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted DFT files. This could allow an attacker to execute code in the context of the curre...
CVE-2023-22022
...
Sql injection
A vulnerability classified as critical was found in SourceCodester Lost and Found Information System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/?page=items/manageitem of the component GET Parameter Handler. The manipulation of the argument id leads to sql...
gayanwathsala.com Cross Site Scripting vulnerability OBB-3271260
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Goldoson Android Malware Found in 60 Apps with 100M Downloads
By Deeba Ahmed The malware was identified by cybersecurity researchers at McAfee. This is a post from HackRead.com Read the original post: Goldoson Android Malware Found in 60 Apps with 100M Downloads...
CVE-2023-21999
...
CVE-2023-21926
...
GHSA-CJR9-MR35-7XH6 vulnerabilities
Vulnerabilities for packages: spicedb...
PT-2023-11940 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: No vulnerable software or affected versions specified. Description: The provided information does not contain details about a specific vulnerability. It appears to be a notification about a rejected candidate number from the National...
Sql injection
A vulnerability has been found in SourceCodester Automatic Question Paper Generator System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file admin/courses/viewcourse.php of the component GET Parameter Handler. The manipulation of the argument i...
Crossplane-runtime contains Improper Input Validation via Compositions
Summary Fuzz testing, by Ada Logics and sponsored by the CNCF, identified a vulnerability in the fieldpath package from crossplane/crossplane-runtime that an already highly privileged Crossplane user able to create or update Compositions could leverage to cause an out of memory panic in Crossplan...
CVE-2023-1156 SourceCodester Health Center Patient Record Management System fecalysis_form.php cross site scripting
A vulnerability classified as problematic was found in SourceCodester Health Center Patient Record Management System 1.0. This vulnerability affects unknown code of the file admin/fecalysisform.php. The manipulation of the argument itrno leads to cross site scripting. The attack can be initiated...
SUSE CVE-2011-1407
The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote attackers to execute arbitrary code or access a filesystem via a crafted identity...
CVE-2023-21854
...
CVE-2014-125078 yanheven console horizon.instances.js cross site scripting
A vulnerability was found in yanheven console and classified as problematic. Affected by this issue is some unknown functionality of the file horizon/static/horizon/js/horizon.instances.js. The manipulation leads to cross site scripting. The attack may be launched remotely. The patch is identifie...
CVE-2021-4309
A vulnerability, which was classified as problematic, has been found in 01-Scripts 01ACP. This issue affects some unknown processing. The manipulation of the argument $SERVER'SCRIPTNAME' leads to cross site scripting. The attack may be initiated remotely. The identifier of the patch is...
K92859602: BIG-IP TMM iRules vulnerability CVE-2016-5024
Security Advisory Description Virtual servers in F5 BIG-IP systems 11.6.1 before 11.6.1 HF1 and 12.1.x before 12.1.2, when configured to parse RADIUS messages via an iRule, allow remote attackers to cause a denial of service Traffic Management Microkernel restart via crafted network traffic...
CVE-2022-20533
In getSlice of WifiSlice.java, there is a possible way to connect a new WiFi network from the guest mode due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
Cross site scripting
A vulnerability was found in collective.task up to 3.0.8. It has been classified as problematic. This affects the function renderCell/AssignedGroupColumn of the file src/collective/task/browser/table.py. The manipulation leads to cross site scripting. It is possible to initiate the attack remotel...
buergerwelle.de Cross Site Scripting vulnerability OBB-3031510
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...