CVE-2026-40948
The CVE-2026-40948 entry concerns the Keycloak authentication manager in apache-airflow-providers-keycloak. It describes missing OAuth 2.0 state validation and PKCE usage during login/login-callback, enabling a potential login-CSRF/session-fixation attack where a victim may be seduced into an att...
EUVD-2019-20124
HTML5 Video Player 1.2.5 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying an oversized key code string. Attackers can craft a malicious payload exceeding 997 bytes and paste it into the KEY CODE field in the Help Register dialog to trigge...
CVE-2019-25689
HTML5 Video Player 1.2.5 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying an oversized key code string. Attackers can craft a malicious payload exceeding 997 bytes and paste it into the KEY CODE field in the Help Register dialog to trigge...
CVE-2019-25689 HTML5 Video Player 1.2.5 Local Buffer Overflow Non-SEH
HTML5 Video Player 1.2.5 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying an oversized key code string. Attackers can craft a malicious payload exceeding 997 bytes and paste it into the KEY CODE field in the Help Register dialog to trigge...
CVE-2019-25689
CVE-2019-25689 affects HTML5 Video Player version 1.2.5. The vulnerability is a local buffer overflow triggered by an oversized key code string entered into the KEY CODE field in the Help Register dialog, enabling arbitrary code execution and allowing an attacker to spawn a calculator process. Do...
PT-2026-32159
HTML5 Video Player 1.2.5 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying an oversized key code string. Attackers can craft a malicious payload exceeding 997 bytes and paste it into the KEY CODE field in the Help Register dialog to trigge...
HTML5 Video Player Buffer Error Vulnerability
Html5Videoplayer is a web video playback component implemented using HTML5 technology by Html5Videoplayer Inc. Version 1.2.5 of HTML5 Video Player contains a buffer overflow vulnerability, which stems from insufficient input validation of the KEYCODE field. This vulnerability could lead to a loca...
MINI-6QWP-VRGV-MHHF
Bulletin has no description...
MINI-QF6M-XG6J-MXWX
Bulletin has no description...
EUVD-2022-28061
Malicious code in bioql PyPI...
EUVD-2024-16562
Malicious code in bioql PyPI...
2Wire Cross-Site Request Forgery Password Reset
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "2Wire Cross-Site Request Forgery Password Reset Vulnerability", 'Description' = %q This module will reset the admin password on a 2Wire wireless...
CGA-C396-HJJ8-346R
Bulletin has no description...
CVE-2024-0774
A vulnerability was found in Any-Capture Any Sound Recorder 2.93. It has been declared as problematic. This vulnerability affects unknown code of the component Registration Handler. The manipulation of the argument User Name/Key Code leads to memory corruption. It is possible to launch the attack...
PT-2024-15810 · Unknown · Any-Capture Any Sound Recorder
Name of the Vulnerable Software and Affected Versions: Any-Capture Any Sound Recorder version 2.93 Description: A vulnerability was found in the Registration Handler component. The manipulation of the User Name/Key Code argument leads to memory corruption. It is possible to launch the attack on t...
xorg-x11-server: XIPassiveUngrab out-of-bounds access
A vulnerability was found in X.Org. This issue occurs because the handler for the XIPassiveUngrab request accesses out-of-bounds memory when invoked with a high keycode or button code. This flaw can lead to local privilege elevation on systems where the X server runs privileged and remote code...
HTML5 Video Player 1.2.5 - Local Buffer Overflow (Non SEH)
!/usr/bin/python Exploit Title: HTML5 Video Player 1.2.5 - Local Buffer Overflow - Non SEH Date: 27/01/2019 Exploit Author: Dino Covotsos - Telspace Systems Vendor Homepage: http://www.html5videoplayer.net/download.html Software: http://www.html5videoplayer.net/html5videoplayer-setup.exe Contact:...
nss: Missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime causes server crash
A NULL pointer dereference flaw was found in the way NSS handled invalid Diffie-Hellman keys. A remote client could use this flaw to crash a TLS/SSL server using NSS...