12 matches found
PT-2026-48929
Name of the Vulnerable Software and Affected Versions NanaZip versions 3.0.1000.0 through 6.0.1697.0 Description A heap out-of-bounds read exists in the Android Verified Boot AVB vbmeta image parser via the upstream 7-Zip AvbHandler. An unsigned integer underflow in a bounds check allows an...
EUVD-2025-36121
Stored cross-site scripting XSS vulnerability in the LMT Dashboard of the Perx Customer Engagement & Loyalty Platform allows an authenticated attacker to execute arbitrary JavaScript code in a victim's browser. The vulnerability is due to improper sanitization of SVG file uploads. An attacker can...
WordPress Additional Custom Product Tabs for WooCommerce Plugin <= 1.7.3 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Additional Custom Product Tabs for WooCommerce versions = 1.7.3...
HL7 FHIR IG Publisher Artifacts 代码问题漏洞
HL7 FHIR IG Publisher Artifacts is an open source tool by Health Level Seven International for obtaining a set of inputs. A code issue vulnerability exists in HL7 FHIR IG Publisher Artifacts versions prior to 1.7.4. An attacker can exploit this vulnerability to perform an XML external entity...
PT-2024-27127 · Prestashop · Products Alert
Name of the Vulnerable Software and Affected Versions: PrestaShop module "Products Alert" productsalert versions prior to 1.7.4 Description: The issue allows attackers to obtain sensitive information and cause other impacts via the ProductsAlertAjaxProcessModuleFrontController::initContent method...
CVE-2023-6174 Out-of-bounds Read in Wireshark
SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file...
SUSE CVE-2010-2783
IcedTea6 before 1.7.4 allow unsigned apps to read and write arbitrary files, related to Extended JNLP Services...
CVE-2022-31748
Mozilla developers Gabriele Svelto, Timothy Nikkel, Randell Jesup, Jon Coppeard, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited ...
DEBIAN-CVE-2020-12758
HashiCorp Consul and Consul Enterprise could crash when configured with an abnormally-formed service-router entry. Introduced in 1.6.0, fixed in 1.6.6 and 1.7.4...
ALPINE-CVE-2019-12816
Modules.cpp in ZNC before 1.7.4-rc1 allows remote authenticated non-admin users to escalate privileges and execute arbitrary code by loading a module with a crafted name...
CVE-2026-21744
CVE-2026-21744 entry is rejected/not used and does not represent an active vulnerability.
CVE-2026-21747
...