Lucene search
K

17 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-7437

Malware in sbrugna...

5.4CVSS6.4AI score0.00266EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/11/16 12:0 a.m.31 views

CVE-2023-43275

Cross-Site Request Forgery CSRF vulnerability in DedeCMS v5.7 in 110 backend management interface via /catalogadd.php, allows attackers to create crafted web pages due to a lack of verification of the token value of the submitted form...

8.9AI score0.00323EPSS
Exploits1References1
Prion
Prion
added 2023/02/08 11:15 a.m.25 views

Code injection

Lack of verification in B&R APROL Tbase server versions R 4.2-07 may lead to memory leaks when receiving messages...

7.5CVSS9.2AI score0.00619EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/02/08 10:6 a.m.31 views

CVE-2022-43762 Memory leak when receiving messages in APROL Tbase server

Lack of verification in B&R APROL Tbase server versions R 4.2-07 may lead to memory leaks when receiving messages...

7.5CVSS9.6AI score0.00619EPSS
Exploits0References1
Veracode
Veracode
added 2022/04/13 8:50 a.m.36 views

Arbitrary File Upload

express-fileupload is vulnerable to arbitrary file upload. The vulnerability exists due to a lack of verification of the number of files being sent to the writeStream function...

7.5CVSS2.5AI score0.01359EPSS
Exploits1References3Affected Software1
CNVD
CNVD
added 2022/02/14 12:0 a.m.15 views

Foxit PDF Reader Resource Management Error Vulnerability (CNVD-2022-22736)

Foxit PDF Reader is a PDF reader from Foxit, a Chinese company. Foxit PDF Reader is vulnerable due to a lack of verification of the existence of an object before performing operations on it, which can be exploited to execute code in the context of the current process...

8.8CVSS2.4AI score0.02382EPSS
Exploits0References1
CNVD
CNVD
added 2022/02/14 12:0 a.m.18 views

Foxit PDF Reader Resource Management Error Vulnerability (CNVD-2022-22730)

Foxit PDF Reader is a PDF reader from Foxit China.A security vulnerability exists in Foxit PDF Reader, which stems from the lack of verification of the existence of an object before performing operations on it, and can be exploited by attackers to execute code in the context of the current proces...

8.8CVSS4.3AI score0.02382EPSS
Exploits0References1
NVD
NVD
added 2021/11/14 9:15 p.m.42 views

CVE-2021-43273

An Out-of-bounds Read vulnerability exists in the DGN file reading procedure in Open Design Alliance Drawings SDK before 2022.11. Crafted data in a DGN file and lack of verification of input data can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability t...

4.3CVSS0.01405EPSS
Exploits0References5
Cvelist
Cvelist
added 2021/09/07 9:59 p.m.17 views

CVE-2020-19767

A lack of target address verification in the destroycontract function of 0xRACER 1.0 allows attackers to steal tokens from victim users via a crafted script...

7.4AI score0.01173EPSS
Exploits1References1
Veracode
Veracode
added 2021/04/05 4:23 a.m.18 views

Open Redirection

github.com/pomerium/pomerium is vulnerable to open redirect. Lack of verification of pomeriumsignature affects routes responsible for sign in/out. However, it does not introduce an authentication bypass...

6.1CVSS3.3AI score0.00658EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/08/21 2:15 p.m.20 views

Design/Logic Flaw

HUAWEI P30 Pro smartphones with Versions earlier than 10.1.0.160C00E160R2P8 have an out of bound read vulnerability. Some functions are lack of verification when they process some messages sent from other module. Attackers can exploit this vulnerability by send malicious message to cause...

2.1CVSS5.4AI score0.00199EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/08/21 2:15 p.m.15 views

Integer overflow

HUAWEI P30 Pro smartphone with Versions earlier than 10.1.0.160C00E160R2P8 has an integer overflow vulnerability. Some functions are lack of verification when they process some messages sent from other module. Attackers can exploit this vulnerability by send malicious message to cause integer...

2.1CVSS5.6AI score0.00199EPSS
Exploits0References1Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2018/08/02 12:0 a.m.30 views

(Pwn2Own) Huawei App Market JavaScript Bridge Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Huawei App Market. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

4.4CVSS2.5AI score0.00421EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2018/08/02 12:0 a.m.24 views

(Pwn2Own) Huawei App Market Whitelist Bypass Privilege Escalation Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Huawei App Market. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling o...

6.8CVSS1.4AI score0.00666EPSS
Exploits0References1
NVD
NVD
added 2018/04/04 3:29 p.m.24 views

CVE-2018-9205

Vulnerability in avataruploader v7.x-1.0-beta8 , The code in view.php doesn't verify users or sanitize the file path...

7.5CVSS7.5AI score0.56924EPSS
Exploits6References4
Vulnrichment
Vulnrichment
added 2018/02/08 7:0 a.m.8 views

CVE-2018-0140

A vulnerability in the spam quarantine of Cisco Email Security Appliance and Cisco Content Security Management Appliance could allow an authenticated, remote attacker to download any message from the spam quarantine by modifying browser string information. The vulnerability is due to a lack of...

6.7AI score0.01573EPSS
Exploits0References4
Cvelist
Cvelist
added 2018/02/08 7:0 a.m.20 views

CVE-2018-0140

A vulnerability in the spam quarantine of Cisco Email Security Appliance and Cisco Content Security Management Appliance could allow an authenticated, remote attacker to download any message from the spam quarantine by modifying browser string information. The vulnerability is due to a lack of...

6.4AI score0.01573EPSS
Exploits0References4
Rows per page
Query Builder