8 matches found
CVE-2026-57879 GV-LPC2011/LPC2211 - unauthorized buffer overflow via AuthMode/AuthValue path (ssvr)
An unauthenticated stack-based buffer overflow vulnerability exists in ssvr in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient bounds checking when processing RTSP custom authentication data. A remote attacker may exploit this vulnerability by...
Copeland XWEB PRO 操作系统命令注入漏洞
Copeland XWEB PRO is an advanced commercial and industrial refrigeration monitoring and management system developed by the American company Copeland. Versions of Copeland XWEB PRO prior to 1.12.1 contained a vulnerability related to operating system command injection. This vulnerability stemmed...
Riello UPS NetMan 208 SQL注入漏洞
Riello UPS NetMan 208 is a network management card from Riello UPS, Italy. A SQL injection vulnerability exists in Riello UPS NetMan 208 versions prior to 1.12, which originates from the presence of SQL injection in cgi-bin/login.cgi, which may result in table deletion...
CVE-2023-5049
The Giveaways and Contests by RafflePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'rafflepress' and 'rafflepressgutenberg' shortcode in versions up to, and including, 1.12.0 due to insufficient input sanitization and output escaping on 'giframe' user supplied...
CVE-2019-6965
An XSS issue was discovered in i-doit Open 1.12 via the src/tools/php/qr/qr.php url parameter...
ses's global contour bindings leak into Compartment lexical scope
Impact Web pages and web extensions using ses and the Compartment API to evaluate third-party code in an isolated execution environment that have also elsewhere used const, let, and class bindings in the top-level scope of a tag will have inadvertently revealed these bindings in the lexical scope...
FUXA SQL Injection Vulnerability
FUXA is an open source web-based process visualization SCADA/HMI/Dashboard software. A security vulnerability exists in FUXA version 1.1.12 and earlier, which stems from vulnerability to SQL injection attacks via /api/signin...
IBM Tivoli Storage Manager FastBack stack buffer overflow vulnerability (CNVD-2015-04187)
IBM Tivoli Storage Manager FastBack is a suite of software from IBM USA that provides continuous data protection and recovery management capabilities for Microsoft Windows and Linux servers. A stack buffer overflow vulnerability exists in IBM Tivoli Storage Manager FastBack version 6.1.12 prior t...