Lucene search
K

8 matches found

Cvelist
Cvelist
added 2026/06/26 7:17 a.m.37 views

CVE-2026-57879 GV-LPC2011/LPC2211 - unauthorized buffer overflow via AuthMode/AuthValue path (ssvr)

An unauthenticated stack-based buffer overflow vulnerability exists in ssvr in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient bounds checking when processing RTSP custom authentication data. A remote attacker may exploit this vulnerability by...

9.8CVSS0.0053EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/27 12:0 a.m.10 views

Copeland XWEB PRO 操作系统命令注入漏洞

Copeland XWEB PRO is an advanced commercial and industrial refrigeration monitoring and management system developed by the American company Copeland. Versions of Copeland XWEB PRO prior to 1.12.1 contained a vulnerability related to operating system command injection. This vulnerability stemmed...

8.8CVSS6.2AI score0.01934EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/12/24 12:0 a.m.6 views

Riello UPS NetMan 208 SQL注入漏洞

Riello UPS NetMan 208 is a network management card from Riello UPS, Italy. A SQL injection vulnerability exists in Riello UPS NetMan 208 versions prior to 1.12, which originates from the presence of SQL injection in cgi-bin/login.cgi, which may result in table deletion...

6.5CVSS7.8AI score0.00188EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/23 2:40 a.m.8 views

CVE-2023-5049

The Giveaways and Contests by RafflePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'rafflepress' and 'rafflepressgutenberg' shortcode in versions up to, and including, 1.12.0 due to insufficient input sanitization and output escaping on 'giframe' user supplied...

6.4CVSS6.1AI score0.00482EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:49 a.m.10 views

CVE-2019-6965

An XSS issue was discovered in i-doit Open 1.12 via the src/tools/php/qr/qr.php url parameter...

6.1CVSS6AI score0.02518EPSS
Exploits4References1
Github Security Blog
Github Security Blog
added 2025/04/18 3:10 p.m.18 views

ses's global contour bindings leak into Compartment lexical scope

Impact Web pages and web extensions using ses and the Compartment API to evaluate third-party code in an isolated execution environment that have also elsewhere used const, let, and class bindings in the top-level scope of a tag will have inadvertently revealed these bindings in the lexical scope...

8.7CVSS7AI score0.005EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2023/09/21 12:0 a.m.6 views

FUXA SQL Injection Vulnerability

FUXA is an open source web-based process visualization SCADA/HMI/Dashboard software. A security vulnerability exists in FUXA version 1.1.12 and earlier, which stems from vulnerability to SQL injection attacks via /api/signin...

9.8CVSS7.9AI score0.27436EPSS
Exploits1References5
CNVD
CNVD
added 2015/07/02 12:0 a.m.5 views

IBM Tivoli Storage Manager FastBack stack buffer overflow vulnerability (CNVD-2015-04187)

IBM Tivoli Storage Manager FastBack is a suite of software from IBM USA that provides continuous data protection and recovery management capabilities for Microsoft Windows and Linux servers. A stack buffer overflow vulnerability exists in IBM Tivoli Storage Manager FastBack version 6.1.12 prior t...

7.8CVSS7AI score0.02962EPSS
Exploits0References1
Rows per page
Query Builder