90 matches found
CVE-2023-7279
A vulnerability has been found in Secure Systems Engineering Connaisseur up to 3.3.0 and classified as problematic. This vulnerability affects unknown code of the file connaisseur/res/targetsschema.json of the component Delegation Name Handler. The manipulation leads to inefficient regular...
CVE-2023-7279 Secure Systems Engineering Connaisseur Delegation Name targets_schema.json redos
A vulnerability has been found in Secure Systems Engineering Connaisseur up to 3.3.0 and classified as problematic. This vulnerability affects unknown code of the file connaisseur/res/targetsschema.json of the component Delegation Name Handler. The manipulation leads to inefficient regular...
CVE-2023-7279
CVE-2023-7279 affects Secure Systems Engineering Connaisseur up to version 3.3.0, with the issue localized to the file connaisseur/res/targets_schema.json in the Delegation Name Handler. The vulnerability causes inefficient regular expression complexity; the reported attack complexity is high and...
CVE-2023-7279 Secure Systems Engineering Connaisseur Delegation Name targets_schema.json redos
A vulnerability has been found in Secure Systems Engineering Connaisseur up to 3.3.0 and classified as problematic. This vulnerability affects unknown code of the file connaisseur/res/targetsschema.json of the component Delegation Name Handler. The manipulation leads to inefficient regular...
PT-2024-15266 · Secure Systems Engineering · Secure Systems Engineering Connaisseur
Name of the Vulnerable Software and Affected Versions: Secure Systems Engineering Connaisseur versions up to 3.3.0 Description: A vulnerability has been found in Secure Systems Engineering Connaisseur, affecting unknown code of the file connaisseur/res/targets schema.json of the component...
The vulnerability of the File Name Handler component in the Vim text editor allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the File Name Handler component in the Vim text editor exists due to a mistake in the use of pointers after memory release in the dialogchanged function. Exploiting this vulnerability can allow an attacker to trigger a pointer use-after-free error, resulting in a malfunction ...
CVE-2024-7579
A vulnerability was found in Alien Technology ALR-F800 up to 19.10.24.00. It has been declared as critical. Affected by this vulnerability is the function popen of the file /var/www/cgi-bin/upgrade.cgi of the component File Name Handler. The manipulation of the argument uploadedFile leads to os...
CVE-2024-7579
An issue affects Alien Technology ALR-F800 up to version 19.10.24.00. The vulnerability resides in the popen call within the File Name Handler component, specifically the /var/www/cgi-bin/upgrade.cgi file, where manipulating the uploadedFile argument leads to an OS command injection. The attack c...
Alien ALR-F800 操作系统命令注入漏洞
The Alien ALR-F800 is an RFID sensor from Alien. An operating system command injection vulnerability exists in the Alien ALR-F800 version 19.10.24.00 and prior versions, which stems from an operating system command injection vulnerability contained in the uploadedFile parameter in the File Name...
The vulnerability of the Branch Name Handler component of the PHP Composer dependency manager allows a attacker to execute arbitrary commands.
The vulnerability of the Branch Name Handler component in the PHP Composer dependency manager is related to the use of the composer install command executed within the git/hg repository. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
GHSA-4H5H-P23F-HJQF SQL injection in Folio Spring Module Core
A vulnerability was found in Folio Spring Module Core before 2.0.0. Affected by this issue is the function dropSchema of the file tenant/src/main/java/org/folio/spring/tenant/hibernate/HibernateSchemaService.java of the component Schema Name Handler. The manipulation leads to sql injection...
SQL injection in Folio Spring Module Core
A vulnerability was found in Folio Spring Module Core before 2.0.0. Affected by this issue is the function dropSchema of the file tenant/src/main/java/org/folio/spring/tenant/hibernate/HibernateSchemaService.java of the component Schema Name Handler. The manipulation leads to sql injection...
CVE-2022-4963
A vulnerability was found in Folio Spring Module Core up to 1.1.5. It has been rated as critical. Affected by this issue is the function dropSchema of the file tenant/src/main/java/org/folio/spring/tenant/hibernate/HibernateSchemaService.java of the component Schema Name Handler. The manipulation...
Spring Module Core SQL注入漏洞
Spring Module Core is a FOLIO open source Spring Module Core library developed using Okapi. Spring Module Core version 1.1.5 SQL injection vulnerability , the vulnerability stems from the component Schema Name Handler function dropSchema will lead to SQL injection...
CVE-2022-4963 Folio Spring Module Core Schema Name HibernateSchemaService.java dropSchema sql injection
A vulnerability was found in Folio Spring Module Core up to 1.1.5. It has been rated as critical. Affected by this issue is the function dropSchema of the file tenant/src/main/java/org/folio/spring/tenant/hibernate/HibernateSchemaService.java of the component Schema Name Handler. The manipulation...
CVE-2022-4963
CVE-2022-4963 affects Folio Spring Module Core up to version 1.1.5. The vulnerability is a SQL injection in the dropSchema function of HibernateSchemaService.java (Schema Name Handler). Root cause: improper handling in dropSchema leads to injection risk. Upgrading to version 2.0.0 addresses the i...
The vulnerability of the Project Name Handler component in navigation and multimedia systems intended for use in terrestrial vehicles, provided by Harman Infotainment, allows for root access via SSH using a USB-to-Ethernet key with a password.
The vulnerability of the Project Name Handler component in navigation and multimedia systems intended for use in terrestrial vehicles, Harman Infotainment, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain root access via SSH using a...
CVE-2017-20186
UNSUPPORTED WHEN ASSIGNED A vulnerability was found in nikooo777 ckSurf up to 1.19.2. It has been declared as problematic. This vulnerability affects the function SpecListMenuDead of the file csgo/addons/sourcemod/scripting/ckSurf/misc.sp of the component Spectator List Name Handler. The...
CVE-2017-20186
UNSUPPORTED WHEN ASSIGNED A vulnerability was found in nikooo777 ckSurf up to 1.19.2. It has been declared as problematic. This vulnerability affects the function SpecListMenuDead of the file csgo/addons/sourcemod/scripting/ckSurf/misc.sp of the component Spectator List Name Handler. The...
Design/Logic Flaw
UNSUPPORTED WHEN ASSIGNED A vulnerability was found in nikooo777 ckSurf up to 1.19.2. It has been declared as problematic. This vulnerability affects the function SpecListMenuDead of the file csgo/addons/sourcemod/scripting/ckSurf/misc.sp of the component Spectator List Name Handler. The...