42 matches found

CNNVD
added 2024/07/30 12:0 a.m. · 2 views

SourceCodester School Log Management System Security Vulnerability

SourceCodester School Log Management System is an open source school log management system from SourceCodester. A security vulnerability exists in SourceCodester School Log Management System version 1.0, which originates from a cross-site scripting vulnerability in the name function of the...

CVSS 6.1 · AI score 4.5 · EPSS 0.00091
Exploits: 1 · References: 7
CNNVD
added 2024/07/29 12:0 a.m. · 0 views

Linux kernel Security Vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the use of uninitialized values in the copyname function, resulting in a kernel memory error...

CVSS 7.1 · AI score 6.6 · EPSS 0.00008
Exploits: 0 · References: 9
OSV
added 2023/11/02 3:15 p.m. · 2 views

AZL-31850 CVE-2023-38471 affecting package avahi for versions less than 0.8-3

A vulnerability was found in Avahi. A reachable assertion exists in the dbus_set_host_name function...

CVSS 5.5 · AI score 6.6 · EPSS 0.00007
Exploits: 0 · References: 1
NVD
added 2023/10/27 4:15 a.m. · 12 views

CVE-2023-46504

Cross Site Scripting (XSS) vulnerability in PwnCYN YXBOOKCMS v.1.0.2 allows a physically proximate attacker to execute arbitrary code via the library name function in the general settings component...

CVSS 5.4 · AI score 5.4 · EPSS 0.00432
Exploits: 1 · References: 1
OSV
added 2023/10/27 4:15 a.m. · 1 views

CVE-2023-46504

Cross Site Scripting (XSS) vulnerability in PwnCYN YXBOOKCMS v.1.0.2 allows a physically proximate attacker to execute arbitrary code via the library name function in the general settings component...

CVSS 5.4 · AI score 6.1
Exploits: 0 · References: 1
Cvelist
added 2023/10/27 12:0 a.m. · 15 views

CVE-2023-46504

Cross Site Scripting (XSS) vulnerability in PwnCYN YXBOOKCMS v.1.0.2 allows a physically proximate attacker to execute arbitrary code via the library name function in the general settings component...

AI score 5.6 · EPSS 0.00432
Exploits: 1 · References: 1
Positive Technologies
added 2023/10/27 12:0 a.m. · 4 views

PT-2023-30063 · Unknown · Pwncyn Yxbookcms

Name of the Vulnerable Software and Affected Versions: PwnCYN YXBOOKCMS version 1.0.2. Description: A Cross Site Scripting (XSS) issue allows an attacker to execute arbitrary code via the library name function in the general settings component. This can be exploited by a physically proximate attacke...

CVSS 5.4 · AI score 5.6 · EPSS 0.00432
Exploits: 1 · References: 2
CNNVD
added 2023/10/27 12:0 a.m. · 2 views

YXBOOKCMS Cross-Site Scripting Vulnerability

YXBOOKCMS is a content management system by PwnCYN Individual Developers. A cross-site scripting vulnerability exists in PwnCYN YXBOOKCMS version v.1.0.2, which originates from a vulnerability that could allow a remote attacker to execute arbitrary code via the library name function in the genera...

CVSS 5.4 · AI score 7 · EPSS 0.00432
Exploits: 1 · References: 2
BDU FSTEC
added 2023/09/13 12:0 a.m. · 1 views

The vulnerability of the SetAPLanSettings DeviceName() function in the microprogramming software of the D-Link DAP-1325 wireless signal booster allows a hacker to execute arbitrary code.

The vulnerability of the SetAPLanSettings DeviceName function in the microprogramming software of the D-Link DAP-1325 wireless signal amplifier is related to the execution of operations outside the buffer in memory when processing request parameters for endpoints. Exploiting this vulnerability...

CVSS 8.8 · AI score 8.4 · EPSS 0.01756
Exploits: 0 · References: 3 · Affected Software: 1
CNNVD
added 2023/07/06 12:0 a.m. · 3 views

Milesight UR32L Operating System Command Injection Vulnerability

The Milesight UR32L is a Lite industrial cellular router from Milesight. A command injection vulnerability exists in the Milesight UR32L zebra vlanname function, which can be exploited by an attacker to execute arbitrary commands on the system...

CVSS 7.2 · AI score 8.1 · EPSS 0.00313
Exploits: 1 · References: 4
OSV
added 2022/10/17 1:15 p.m. · 0 views

UBUNTU-CVE-2022-3551

A vulnerability, which was classified as problematic, has been found in X.org Server. Affected by this issue is the function ProcXkbGetKbdByName of the file xkb/xkb.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability...

CVSS 6.5 · AI score 5.5 · EPSS 0.0063
Exploits: 0 · References: 3
BDU FSTEC
added 2022/04/27 12:0 a.m. · 1 views

The vulnerability of the `get_icu_disp_value_src_php` function in the PHP programming language allows a perpetrator to trigger a service failure or possibly cause other effects.

The vulnerability of the `get_icu_disp_value_src_php` function in the PHP programming language is caused by buffer overflow. Exploiting this vulnerability could allow an attacker to trigger a service failure through the call to `locale_get_display_name`...

CVSS 10 · AI score 7.9 · EPSS 0.01163
Exploits: 0 · References: 6 · Affected Software: 2
OSV
added 2022/01/21 9:15 p.m. · 0 views

UBUNTU-CVE-2021-46238

GPAC v1.1.0 was discovered to contain a stack overflow via the function gf_node_get_name at scenegraph/base_scenegraph.c. This vulnerability can lead to a program crash, causing a Denial of Service (DoS)...

CVSS 5.5 · AI score 7.3 · EPSS 0.00161
Exploits: 1 · References: 3
ATTACKERKB
added 2022/01/01 12:15 a.m. · 3 views

CVE-2021-45954

Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called from answer_auth and FuzzAuth). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge...

CVSS 9.8 · AI score 8 · EPSS 0.00046
Exploits: 3 · References: 5
CNNVD
added 2021/12/21 12:0 a.m. · 3 views

GPAC Code Issue Vulnerability

GPAC is an open source multimedia framework. gfsvggetattributename function in GPAC version 1.1.0 has a null pointer dereference vulnerability that can be exploited by attackers to cause segmentation errors and application crashes...

CVSS 5.5 · AI score 7.8 · EPSS 0.00288
Exploits: 1 · References: 2
Positive Technologies
added 2021/07/06 12:0 a.m. · 2 views

PT-2021-7713 · Dnsmasq +2 · Dnsmasq +2

Name of the Vulnerable Software and Affected Versions: Dnsmasq affected versions not specified Description: The issue is related to a buffer overflow in the extract name function of the fuzz util.c component of the Dnsmasq DNS server. This could allow a remote attacker to access confidential data...

CVSS 10 · AI score 9.6 · EPSS 0.00046
Exploits: 7 · References: 43
Positive Technologies
added 2021/07/06 12:0 a.m. · 2 views

PT-2021-7716 · Dnsmasq +2 · Dnsmasq +2

Name of the Vulnerable Software and Affected Versions: Dnsmasq affected versions not specified Description: The issue is related to a buffer overflow in the extract name function of the Dnsmasq DNS server. This could allow a remote attacker to access confidential data, compromise its integrity, a...

CVSS 9.8 · AI score 9.6 · EPSS 0.00046
Exploits: 7 · References: 43
OSV
added 2021/01/20 5:15 p.m. · 1 views

DEBIAN-CVE-2020-25682

A flaw was found in dnsmasq before 2.83. A buffer overflow vulnerability was discovered in the way dnsmasq extracts names from DNS packets before validating them with DNSSEC data. An attacker on the network, who can create valid DNS replies, could use this flaw to cause an overflow with arbitrary...

CVSS 8.1 · AI score 7.2 · EPSS 0.34287
Exploits: 0 · References: 1
RedHat Linux
added 2021/01/19 3:6 p.m. · 2 views

dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled

A flaw was found in dnsmasq. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. This flaw allows a remote attacker, who can create valid DNS replies, to cause an overflow in a heap-allocated memory. This flaw is caused b...

CVSS 7.1 · AI score 7.7 · EPSS 0.22
Exploits: 0 · References: 6
CNVD
added 2020/03/10 12:0 a.m. · 2 views

LiveZilla Live Chat Elevation of Privilege Vulnerability

LiveZilla Live Chat is a free online customer service system from the German company LiveZilla. The system provides real-time monitoring of visitors, offline messages, GeoTracking map tracking, access statistics, online chat and other features. A security vulnerability exists in the 'name' functi...

CVSS 9.6 · AI score 7 · EPSS 0.02418
Exploits: 0 · References: 1