438 matches found
PT-2024-8682 · Scada-Lts · Scada-Lts
Name of the Vulnerable Software and Affected Versions: Scada-LTS version 2.7.8 Description: A vulnerability has been found in the Message Handler component of Scada-LTS, related to the file /Scada-LTS/app.shtm/alarms/Scada. The manipulation leads to cross-site scripting. The attack can be launche...
UBUNTU-CVE-2024-38572
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix out-of-bound access of qmiinvokehandler Currently, there is no terminator entry for ath12kqmimsghandlers hence facing below KASAN warning, ================================================================== BUG:...
PT-2024-24959 · Google · Android +1
Name of the Vulnerable Software and Affected Versions: No specific software name or versions are mentioned in the provided descriptions. Description: The issue is related to uninitialized data in the AcvpOnMessage function of avcp.cpp, which could lead to a possible escalation of privilege EOP...
CVE-2024-4975
A vulnerability, which was classified as problematic, has been found in code-projects Simple Chat System 1.0. This issue affects some unknown processing of the component Message Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been...
CVE-2024-4975 code-projects Simple Chat System Message cross site scripting
A vulnerability, which was classified as problematic, has been found in code-projects Simple Chat System 1.0. This issue affects some unknown processing of the component Message Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been...
CVE-2024-4975 code-projects Simple Chat System Message cross site scripting
A vulnerability, which was classified as problematic, has been found in code-projects Simple Chat System 1.0. This issue affects some unknown processing of the component Message Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been...
PT-2024-33661 · Code Projects · Simple Chat System
Name of the Vulnerable Software and Affected Versions: code-projects Simple Chat System version 1.0 Description: A problematic issue has been found in the Message Handler component, leading to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public...
CVE-2024-4511
A vulnerability classified as critical has been found in Shanghai Sunfull Automation BACnet Server HMI1002-ARM 2.0.4. This affects an unknown part of the component Message Handler. The manipulation leads to buffer overflow. The exploit has been disclosed to the public and may be used. The...
CVE-2024-4511 Shanghai Sunfull Automation BACnet Server HMI1002-ARM Message buffer overflow
A vulnerability classified as critical has been found in Shanghai Sunfull Automation BACnet Server HMI1002-ARM 2.0.4. This affects an unknown part of the component Message Handler. The manipulation leads to buffer overflow. The exploit has been disclosed to the public and may be used. The...
PT-2024-14805 · Honeywell · Honeywell C300
Name of the Vulnerable Software and Affected Versions: Honeywell C300 affected versions not specified Description: The issue is related to a denial of service due to improper handling of a specially crafted message received by the controller. This can be exploited remotely. There is a critical...
PT-2024-6580 · Hikvision · Hikvision Ds-7604Ni-K1/4P +1
Name of the Vulnerable Software and Affected Versions: Hikvision NVRs affected versions not specified Hikvision DS-7604NI-K1/4PB affected versions not specified Description: The issue is related to a NULL dereference pointer vulnerability. It is caused by insufficient validation of a parameter in...
The vulnerability of the UPnP SUBSCRIBE Message Handler component in the wireless access points from D-Link, such as the DAP-1650, allows a hacker to execute arbitrary commands.
The vulnerability of the UPnP SUBSCRIBE Message Handler component in the wireless access points from D-Link DAP-1650 is related to improper input validation. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands using specially crafted data...
The vulnerability of the DHCPv6 Advertise Message Handler component in the Tianocore EDK2 library, which allows a attacker to compromise the confidentiality, integrity, and accessibility of data.
The vulnerability of the DHCPv6 Advertise Message Handler component in the Tianocore EDK2 library is related to buffer overflow attacks. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of data...
CVE-2024-0189 RRJ Nueva Ecija Engineer Online Portal Create Message teacher_message.php cross site scripting
A vulnerability has been found in RRJ Nueva Ecija Engineer Online Portal 1.0 and classified as problematic. This vulnerability affects unknown code of the file teachermessage.php of the component Create Message Handler. The manipulation of the argument Content with the input alertx leads to cross...
PT-2023-31463 · Unknown · Foundation
Name of the Vulnerable Software and Affected Versions: Foundation platform version 1.0 Description: The issue allows a remote attacker to obtain sensitive information via the Web3 authentication process of Foundation. The signed message lacks a nonce, which is a random number. This flaw may expos...
CVE-2023-6296
A vulnerability was found in osCommerce 4. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /catalog/compare of the component Instant Message Handler. The manipulation of the argument compare with the input 40dz4iq"alert1zohkx leads to cross site...
Cross site scripting
A vulnerability was found in osCommerce 4. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /catalog/compare of the component Instant Message Handler. The manipulation of the argument compare with the input 40dz4iq"alert1zohkx leads to cross site...
CVE-2023-6296 osCommerce Instant Message compare cross site scripting
A vulnerability was found in osCommerce 4. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /catalog/compare of the component Instant Message Handler. The manipulation of the argument compare with the input 40dz4iq"alert1zohkx leads to cross site...
osCommerce Cross-Site Scripting Vulnerability
osCommerce is an open source online shopping e-commerce solution based on the GNUGPL license. A cross-site scripting vulnerability exists in osCommerce 4, which stems from the presence of an unknown function in the file /catalog/compare in the component Instant Message Handler, resulting in a...
PT-2023-9100 · Telit · Telit Cinterion Ehs5/6/8 +1
Name of the Vulnerable Software and Affected Versions: Telit Cinterion EHS5/6/8 affected versions not specified Telit Cinterion BGS5 affected versions not specified Telit Cinterion PDS5/6/8 affected versions not specified Description: A Buffer Copy without Checking Size of Input vulnerability...