Lucene search
+L

10 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-18622

Malware in sbrugna...

6.5CVSS6.8AI score0.00732EPSS
Exploits0References2
code423n4
code423n4
added 2023/02/12 12:0 a.m.10 views

Upgraded Q -> 2 from #362 [1676219107265]

Judge has assessed an item in Issue 362 as 2 risk. The relevant finding follows: N‑01 Upgradeable contract is missing a gap50 storage variable to allow for new storage variables in later versions --- The text was updated successfully, but these errors were encountered: All reactions...

6.9AI score
Exploits0
code423n4
code423n4
added 2023/02/12 12:0 a.m.15 views

Upgraded Q -> 2 from #533 [1676218902616]

Judge has assessed an item in Issue 533 as 2 risk. The relevant finding follows: Upgradeable contract is missing a gap50 storage variable to allow for new storage variables in later versions --- The text was updated successfully, but these errors were encountered: All reactions...

6.9AI score
Exploits0
github
github
added 2021/04/19 2:49 p.m.69 views

Stored cross-site scripting in Grid component in Vaadin 7 and 8

Missing variable sanitization in Grid component in com.vaadin:vaadin-server versions 7.4.0 through 7.7.19 Vaadin 7.4.0 through 7.7.19, and 8.0.0 through 8.8.4 Vaadin 8.0.0 through 8.8.4 allows attacker to inject malicious JavaScript via unspecified vector. -...

6.1CVSS3AI score0.00923EPSS
Exploits0References6Affected Software2
attackerkb
attackerkb
added 2021/02/26 3:15 a.m.5 views

CVE-2020-24455

Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local access. This affects tpm2-tss before 3.0.1 and before 2.4.3...

6.7CVSS6.4AI score0.00588EPSS
Exploits0References7
nvd
nvd
added 2019/09/27 7:15 p.m.22 views

CVE-2019-9319

In libavc, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111762100...

6.5CVSS6.2AI score0.00732EPSS
Exploits0References1
prion
prion
added 2019/09/27 7:15 p.m.11 views

Information disclosure

In libstagefright, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112052258...

4.3CVSS6.5AI score0.00732EPSS
Exploits0References1Affected Software1
cve
cve
added 2019/09/27 6:5 p.m.48 views

CVE-2019-9319

CVE-2019-9319 affects Android 10 media stack (libavc) where a missing variable initialization in the library can lead to remote information disclosure without extra execution privileges. Exploitation requires user interaction. The Android 10 security release notes state these issues are addressed...

6.5CVSS6.5AI score0.00732EPSS
Exploits0References1Affected Software1
cnvd
cnvd
added 2014/12/15 12:0 a.m.2 views

Qibo CMS SQL Injection Vulnerability

Qibo CMS system is a PHP168 website management system created by Guangzhou Xietian Software Technology Co. A SQL injection vulnerability exists in Qibo CMS v7.0, due to the omission of the variable $TBpre, which can be exploited by attackers to obtain sensitive information...

7.9AI score
Exploits0
redhat
redhat
added 2005/02/15 9:3 a.m.36 views

Moderate: Red Hat Security Advisory: squirrelmail security update

An updated Squirrelmail package that fixes several security issues is now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. SquirrelMail is a standards-based webmail package written in PHP4. Jimmy Conner...

7.5CVSS5.1AI score0.02342EPSS
Exploits0References7
Rows per page
Query Builder