Lucene search
+L

1335 matches found

NVD
NVD
added 2025/12/30 1:16 p.m.3 views

CVE-2023-54202

In the Linux kernel, the following vulnerability has been resolved: drm/i915: fix race condition UAF in i915perfaddconfigioctl Userspace can guess the id value and try to race oaconfig object creation with config remove, resulting in a use-after-free if we dereference the object after unlocking t...

0.00168EPSS
Exploits0References4
OSV
OSV
added 2025/12/30 12:9 p.m.3 views

CVE-2023-54202 drm/i915: fix race condition UAF in i915_perf_add_config_ioctl

In the Linux kernel, the following vulnerability has been resolved: drm/i915: fix race condition UAF in i915perfaddconfigioctl Userspace can guess the id value and try to race oaconfig object creation with config remove, resulting in a use-after-free if we dereference the object after unlocking t...

6.3AI score0.00168EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/11/17 12:1 p.m.13 views

CVE-2025-13249

A security vulnerability has been detected in Jiusi OA up to 20251102. This affects an unknown function of the file /OfficeServer?isAjaxDownloadTemplate=false of the component OfficeServer Interface. Such manipulation of the argument FileData leads to unrestricted upload. The attack can be launch...

6.5CVSS6.3AI score0.00234EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/16 12:30 p.m.8 views

EUVD-2025-197726

A security vulnerability has been detected in Jiusi OA up to 20251102. This affects an unknown function of the file /OfficeServer?isAjaxDownloadTemplate=false of the component OfficeServer Interface. Such manipulation of the argument FileData leads to unrestricted upload. The attack can be launch...

6.5CVSS6.3AI score0.00234EPSS
Exploits0References5
NVD
NVD
added 2025/11/16 12:15 p.m.8 views

CVE-2025-13249

A security vulnerability has been detected in Jiusi OA up to 20251102. This affects an unknown function of the file /OfficeServer?isAjaxDownloadTemplate=false of the component OfficeServer Interface. Such manipulation of the argument FileData leads to unrestricted upload. The attack can be launch...

6.5CVSS0.00234EPSS
Exploits0References4
CVE
CVE
added 2025/11/16 11:32 a.m.18 views

CVE-2025-13249

Jiusi OA fixes unrevealed function in OfficeServer Interface where manipulating FileData in /OfficeServer?isAjaxDownloadTemplate=false enables unrestricted upload. Affects Jiusi OA up to 20251102 and can be exploited remotely; exploit has been publicly disclosed. Remediation per sources is to upd...

6.5CVSS6.5AI score0.00234EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/11/16 11:32 a.m.13 views

CVE-2025-13249 Jiusi OA OfficeServer unrestricted upload

A security vulnerability has been detected in Jiusi OA up to 20251102. This affects an unknown function of the file /OfficeServer?isAjaxDownloadTemplate=false of the component OfficeServer Interface. Such manipulation of the argument FileData leads to unrestricted upload. The attack can be launch...

6.5CVSS0.00234EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/11/16 11:32 a.m.3 views

CVE-2025-13249 Jiusi OA OfficeServer unrestricted upload

A security vulnerability has been detected in Jiusi OA up to 20251102. This affects an unknown function of the file /OfficeServer?isAjaxDownloadTemplate=false of the component OfficeServer Interface. Such manipulation of the argument FileData leads to unrestricted upload. The attack can be launch...

6.5CVSS6.3AI score0.00234EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/11/15 12:0 a.m.7 views

PT-2025-47061

Name of the Vulnerable Software and Affected Versions bestfeng oa git free versions up to 9.5 Description A flaw exists in bestfeng oa git free up to version 9.5. The issue is related to the manipulation of the writeProp argument within the updateWriteBack function located in the file...

6.5CVSS6.1AI score0.00285EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/11/15 12:0 a.m.4 views

oa_git_free 代码问题漏洞

bestfeng oagitfree line cloud process engine is an enterprise automation process platform from China Cloud OA bestfeng company. A code issue vulnerability exists in oagitfree 9.5 and earlier versions, which originates from the parameter in the file...

6.5CVSS6.6AI score0.00285EPSS
Exploits0References5
EUVD
EUVD
added 2025/11/12 10:25 p.m.1 views

EUVD-2025-137722

Malicious code in avangi-oa-inmi npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/10/31 12:30 a.m.5 views

EUVD-2021-34712

Seeyon Zhiyuan OA Web Application System versions up to and including 7.0 SP1 improperly decode and parse the enc parameter in thirdpartyController.do. The decoded map values can influence session attributes without sufficient authentication/authorization checks, enabling attackers to assign a...

9.3CVSS6.3AI score0.00602EPSS
Exploits0References5
NVD
NVD
added 2025/10/30 10:15 p.m.8 views

CVE-2021-4461

Seeyon Zhiyuan OA Web Application System versions up to and including 7.0 SP1 improperly decode and parse the enc parameter in thirdpartyController.do. The decoded map values can influence session attributes without sufficient authentication/authorization checks, enabling attackers to assign a...

9.3CVSS0.00602EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/10/30 9:16 p.m.14 views

CVE-2021-4461 Seeyon Zhiyuan OA Web Application System < 7.0 SP1 Authentication Bypass

Seeyon Zhiyuan OA Web Application System versions up to and including 7.0 SP1 improperly decode and parse the enc parameter in thirdpartyController.do. The decoded map values can influence session attributes without sufficient authentication/authorization checks, enabling attackers to assign a...

9.3CVSS0.00602EPSS
Exploits0References4
CVE
CVE
added 2025/10/30 9:16 p.m.30 views

CVE-2021-4461

CVE-2021-4461 affects Seeyon Zhiyuan OA Web Application System

9.3CVSS6.5AI score0.00602EPSS
In wildExploits0References4
CNNVD
CNNVD
added 2025/10/21 12:0 a.m.5 views

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite is a fully integrated set of global business management software from Oracle. The software provides customer relationship management, service management, financial management, etc. Applications Framework OA Framework, OAF is one of the business development platform...

4.3CVSS6.9AI score0.00225EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-16633

Malware in sbrugna...

4.6CVSS4.9AI score0.00275EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-9948

Malware in sbrugna...

7.5CVSS7.5AI score0.01519EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-6970

Malware in sbrugna...

6.5CVSS6.6AI score0.01025EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-0393

Malware in sbrugna...

4.3CVSS5.6AI score0.01222EPSS
Exploits0References5
Rows per page
Query Builder