16 matches found
CVE-2025-69164
Unauthenticated Local File Inclusion in Skyward = 1.10 versions...
CVE-2026-33532 yaml is vulnerable to Stack Overflow via deeply nested YAML collections
yaml is a YAML parser and serialiser for JavaScript. Parsing a YAML document with a version of yaml on the 1.x branch prior to 1.10.3 or on the 2.x branch prior to 2.8.3 may throw a RangeError due to a stack overflow. The node resolution/composition phase uses recursive function calls without a...
CVE-2026-33532
Summary: CVE-2026-33532 affects the yaml JavaScript library. The vulnerability is in the compose/resolve phase of the parser, where a recursive call path without a depth bound can cause a RangeError: Maximum call stack size exceeded when parsing YAML input (typical payload ~2–10 KB). This can lea...
D-Link DIR-513 安全漏洞
The D-Link DIR-513 is a wireless router product developed by D-Link Corporation. The D-Link DIR-513 v1.10 version has a security vulnerability, which stems from a stack buffer overflow in the curTime parameter within the goform/formSetWizardSelectMode function...
MiracleLinux 4 : krb5-1.10.3-10.AXS4.1 (AXSA:2013-280:01)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-280:01 advisory. Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of...
CVE-2025-58972 WordPress Barcode Scanner with Inventory & Order Manager plugin <= 1.10.4 - Path Traversal vulnerability
Path Traversal: '.../...//' vulnerability in Dmitry V. CEO of "UKR Solution" Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders allows Path Traversal.This issue affects Barcode Scanner with Inventory & Order Manager: from n/a through =...
WordPress Instabot plugin <= 1.10 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by SOPROBRO in WordPress Plugin Instabot versions = 1.10...
CVE-2024-24798
Cross-Site Request Forgery CSRF vulnerability in SoniNow Team Debug.This issue affects Debug: from n/a through 1.10...
MiniCMS 跨站脚本漏洞
MiniCMS is the minimalist content management system for personal websites. A security vulnerability exists in MiniCMS version v.1.10 that originates from allowing an unauthenticated attacker to execute arbitrary code via a crafted get request...
CVE-2022-32514
A CWE-287: Improper Authentication vulnerability exists that could allow an attacker to gain control of the device when logging into a web page. Affected Products: C-Bus Network Automation Controller - LSS5500NAC Versions prior to V1.10.0, Wiser for C-Bus Automation Controller - LSS5500SHAC...
PT-2022-17133 · Jenkins · Jenkins Snow Commander Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Snow Commander Plugin versions 1.10 and earlier Description: The issue concerns missing permission checks in the Jenkins Snow Commander Plugin, allowing attackers with Overall/Read permission to connect to a specified webserver using...
PT-2021-7369 · Unknown · Go-Ethereum
Name of the Vulnerable Software and Affected Versions: go-ethereum versions prior to v1.10.8 Description: A consensus-vulnerability in go-ethereum Geth could cause a chain split, where vulnerable versions refuse to accept the canonical chain. This issue is related to a memory-corruption bug withi...
Bosch PRAESIDEO and Bosch PRAESENSA Cross-Site Scripting Vulnerabilities
Bosch Praesideo and Bosch Praesensa are both products of Bosch, Germany.Bosch Praesideo is a device for digital broadcasting in public places. The device can provide daily information dissemination, emergency broadcasting, fire alarm and other functions for buildings and public places.Bosch...
D-Link DIR-816 Command Injection Vulnerability (CNVD-2019-02394)
D-Link DIR-816 is a home router product from AUO. A command injection vulnerability exists in the D-Link DIR-816 A2 version 1.10 B05, which originates from a program that uses HTTP requests to build commands, and can be exploited by an attacker for command injection...
Artifex Software MuPDF Buffer Overflow Vulnerability
Artifex Software MuPDF is a free, lightweight PDF reader from Artifex Software, USA. A buffer overflow vulnerability exists in the main function of the jstestmain.c file in Artifex Software MuPDF versions prior to 1.10. A remote attacker can exploit this vulnerability to cause a denial of service...
SUSE-SU-2015:0653-1 Security update for wireshark
wireshark has been updated to version 1.10.11 to fix five security issues. These security issues have been fixed: SigComp UDVM buffer overflow CVE-2014-8710. AMQP dissector crash CVE-2014-8711. NCP dissector crashes CVE-2014-8712, CVE-2014-8713. TN5250 infinite loops CVE-2014-8714. This...