Lucene search
K

90 matches found

NVD
NVD
added 2024/09/02 6:15 p.m.23 views

CVE-2023-7279

A vulnerability has been found in Secure Systems Engineering Connaisseur up to 3.3.0 and classified as problematic. This vulnerability affects unknown code of the file connaisseur/res/targetsschema.json of the component Delegation Name Handler. The manipulation leads to inefficient regular...

5.9CVSS0.00537EPSS
Exploits0References5
OSV
OSV
added 2024/09/02 2:0 p.m.14 views

CVE-2023-7279 Secure Systems Engineering Connaisseur Delegation Name targets_schema.json redos

A vulnerability has been found in Secure Systems Engineering Connaisseur up to 3.3.0 and classified as problematic. This vulnerability affects unknown code of the file connaisseur/res/targetsschema.json of the component Delegation Name Handler. The manipulation leads to inefficient regular...

2.1CVSS4.4AI score0.00537EPSS
Exploits0References7
CVE
CVE
added 2024/09/02 2:0 p.m.53 views

CVE-2023-7279

CVE-2023-7279 affects Secure Systems Engineering Connaisseur up to version 3.3.0, with the issue localized to the file connaisseur/res/targets_schema.json in the Delegation Name Handler. The vulnerability causes inefficient regular expression complexity; the reported attack complexity is high and...

5.9CVSS4.5AI score0.00537EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2024/09/02 2:0 p.m.25 views

CVE-2023-7279 Secure Systems Engineering Connaisseur Delegation Name targets_schema.json redos

A vulnerability has been found in Secure Systems Engineering Connaisseur up to 3.3.0 and classified as problematic. This vulnerability affects unknown code of the file connaisseur/res/targetsschema.json of the component Delegation Name Handler. The manipulation leads to inefficient regular...

2.6CVSS0.00537EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/09/02 12:0 a.m.6 views

PT-2024-15266 · Secure Systems Engineering · Secure Systems Engineering Connaisseur

Name of the Vulnerable Software and Affected Versions: Secure Systems Engineering Connaisseur versions up to 3.3.0 Description: A vulnerability has been found in Secure Systems Engineering Connaisseur, affecting unknown code of the file connaisseur/res/targets schema.json of the component...

5.9CVSS4.5AI score0.00537EPSS
Exploits0References24
BDU FSTEC
BDU FSTEC
added 2024/08/19 12:0 a.m.8 views

The vulnerability of the File Name Handler component in the Vim text editor allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the File Name Handler component in the Vim text editor exists due to a mistake in the use of pointers after memory release in the dialogchanged function. Exploiting this vulnerability can allow an attacker to trigger a pointer use-after-free error, resulting in a malfunction ...

4.2CVSS6.7AI score0.00289EPSS
Exploits0References10Affected Software11
OSV
OSV
added 2024/08/07 2:15 p.m.6 views

CVE-2024-7579

A vulnerability was found in Alien Technology ALR-F800 up to 19.10.24.00. It has been declared as critical. Affected by this vulnerability is the function popen of the file /var/www/cgi-bin/upgrade.cgi of the component File Name Handler. The manipulation of the argument uploadedFile leads to os...

8.8CVSS5.5AI score0.08379EPSS
Exploits1References4
CVE
CVE
added 2024/08/07 2:0 p.m.35 views

CVE-2024-7579

An issue affects Alien Technology ALR-F800 up to version 19.10.24.00. The vulnerability resides in the popen call within the File Name Handler component, specifically the /var/www/cgi-bin/upgrade.cgi file, where manipulating the uploadedFile argument leads to an OS command injection. The attack c...

8.8CVSS6.8AI score0.08379EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2024/08/07 12:0 a.m.4 views

Alien ALR-F800 操作系统命令注入漏洞

The Alien ALR-F800 is an RFID sensor from Alien. An operating system command injection vulnerability exists in the Alien ALR-F800 version 19.10.24.00 and prior versions, which stems from an operating system command injection vulnerability contained in the uploadedFile parameter in the File Name...

8.8CVSS6.8AI score0.08379EPSS
Exploits1References5
BDU FSTEC
BDU FSTEC
added 2024/06/28 12:0 a.m.5 views

The vulnerability of the Branch Name Handler component of the PHP Composer dependency manager allows a attacker to execute arbitrary commands.

The vulnerability of the Branch Name Handler component in the PHP Composer dependency manager is related to the use of the composer install command executed within the git/hg repository. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

10CVSS8AI score0.03255EPSS
Exploits0References10Affected Software4
OSV
OSV
added 2024/03/21 3:36 a.m.11 views

GHSA-4H5H-P23F-HJQF SQL injection in Folio Spring Module Core

A vulnerability was found in Folio Spring Module Core before 2.0.0. Affected by this issue is the function dropSchema of the file tenant/src/main/java/org/folio/spring/tenant/hibernate/HibernateSchemaService.java of the component Schema Name Handler. The manipulation leads to sql injection...

5.5CVSS7.7AI score0.00596EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2024/03/21 3:36 a.m.21 views

SQL injection in Folio Spring Module Core

A vulnerability was found in Folio Spring Module Core before 2.0.0. Affected by this issue is the function dropSchema of the file tenant/src/main/java/org/folio/spring/tenant/hibernate/HibernateSchemaService.java of the component Schema Name Handler. The manipulation leads to sql injection...

9.8CVSS7.5AI score0.00596EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2024/03/21 2:44 a.m.23 views

CVE-2022-4963

A vulnerability was found in Folio Spring Module Core up to 1.1.5. It has been rated as critical. Affected by this issue is the function dropSchema of the file tenant/src/main/java/org/folio/spring/tenant/hibernate/HibernateSchemaService.java of the component Schema Name Handler. The manipulation...

9.8CVSS6AI score0.00596EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/03/21 12:0 a.m.5 views

Spring Module Core SQL注入漏洞

Spring Module Core is a FOLIO open source Spring Module Core library developed using Okapi. Spring Module Core version 1.1.5 SQL injection vulnerability , the vulnerability stems from the component Schema Name Handler function dropSchema will lead to SQL injection...

9.8CVSS6.1AI score0.00596EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/03/20 6:31 p.m.31 views

CVE-2022-4963 Folio Spring Module Core Schema Name HibernateSchemaService.java dropSchema sql injection

A vulnerability was found in Folio Spring Module Core up to 1.1.5. It has been rated as critical. Affected by this issue is the function dropSchema of the file tenant/src/main/java/org/folio/spring/tenant/hibernate/HibernateSchemaService.java of the component Schema Name Handler. The manipulation...

5.5CVSS6.3AI score0.00596EPSS
Exploits0References5
CVE
CVE
added 2024/03/20 6:31 p.m.66 views

CVE-2022-4963

CVE-2022-4963 affects Folio Spring Module Core up to version 1.1.5. The vulnerability is a SQL injection in the dropSchema function of HibernateSchemaService.java (Schema Name Handler). Root cause: improper handling in dropSchema leads to injection risk. Upgrading to version 2.0.0 addresses the i...

9.8CVSS5.9AI score0.00596EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/09/13 12:0 a.m.7 views

The vulnerability of the Project Name Handler component in navigation and multimedia systems intended for use in terrestrial vehicles, provided by Harman Infotainment, allows for root access via SSH using a USB-to-Ethernet key with a password.

The vulnerability of the Project Name Handler component in navigation and multimedia systems intended for use in terrestrial vehicles, Harman Infotainment, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain root access via SSH using a...

7.2CVSS6.7AI score0.00445EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2023/08/28 1:15 p.m.12 views

CVE-2017-20186

UNSUPPORTED WHEN ASSIGNED A vulnerability was found in nikooo777 ckSurf up to 1.19.2. It has been declared as problematic. This vulnerability affects the function SpecListMenuDead of the file csgo/addons/sourcemod/scripting/ckSurf/misc.sp of the component Spectator List Name Handler. The...

7.5CVSS7.1AI score
Exploits0References5
NVD
NVD
added 2023/08/28 1:15 p.m.21 views

CVE-2017-20186

UNSUPPORTED WHEN ASSIGNED A vulnerability was found in nikooo777 ckSurf up to 1.19.2. It has been declared as problematic. This vulnerability affects the function SpecListMenuDead of the file csgo/addons/sourcemod/scripting/ckSurf/misc.sp of the component Spectator List Name Handler. The...

7.5CVSS5AI score0.00736EPSS
Exploits0References5
Prion
Prion
added 2023/08/28 1:15 p.m.12 views

Design/Logic Flaw

UNSUPPORTED WHEN ASSIGNED A vulnerability was found in nikooo777 ckSurf up to 1.19.2. It has been declared as problematic. This vulnerability affects the function SpecListMenuDead of the file csgo/addons/sourcemod/scripting/ckSurf/misc.sp of the component Spectator List Name Handler. The...

5CVSS7.5AI score0.00736EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder