15833 matches found
PT-2026-30713
WWBN AVideo is an open source video platform. In versions 26.0 and prior, the site customization endpoint at admin/customize settings nativeUpdate.json.php lacks CSRF token validation and writes uploaded logo files to disk before the ORM's domain-based security check executes. Combined with...
Dgraph 安全漏洞
Dgraph is an open-source, horizontally scalable distributed GraphQL database with a graphical backend. Versions of Dgraph prior to 25.3.1 contained a security vulnerability. This vulnerability stemmed from a flaw in the restoreTenant management mechanism, which lacked an authorization middleware...
Text Generation Web UI 路径遍历漏洞
Text Generation Web UI is a local AI UI interface developed by oobabooga’s individual developer. Versions of Text Generation Web UI prior to 4.1.1 contained a path traversal vulnerability. This vulnerability stems from allowing extended settings to be saved in the py format, which can overwrite...
WWBN AVideo 跨站请求伪造漏洞
WWBN AVideo is a video platform building system developed by the WWBN team using PHP. Versions of WWBN AVideo prior to 26.0 contained a cross-site request forgeing vulnerability. This vulnerability stemmed from the lack of CSRF token verification for custom site endpoints, which could allow...
SUSE: Security Advisory (SUSE-SU-2026:1177-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EUVD-2019-20058
Remote Process Explorer 1.0.0.16 contains a local buffer overflow vulnerability that allows attackers to cause a denial of service by sending a crafted payload to the Add Computer dialog. Attackers can paste a malicious string into the computer name textbox and trigger a crash by connecting to th...
EUVD-2018-21766
IP TOOLS 2.50 contains a local buffer overflow vulnerability in the SNMP Scanner component that allows local attackers to crash the application by supplying oversized input. Attackers can paste malicious data into the 'From Addr' and 'To Addr' fields and trigger the crash by clicking the Start...
EUVD-2019-20048
R i386 3.5.0 contains a local buffer overflow vulnerability in the GUI Preferences dialog that allows local attackers to trigger a structured exception handler SEH overwrite by supplying malicious input. Attackers can craft a payload string in the 'Language for menus and messages' field to...
CVE-2019-25681
Xlight FTP Server 3.9.1 contains a structured exception handler SEH overwrite vulnerability that allows local attackers to crash the application and overwrite SEH pointers by supplying a crafted buffer string. Attackers can inject a 428-byte payload through the program execution field in virtual...
CVE-2019-25656
R i386 3.5.0 contains a local buffer overflow vulnerability in the GUI Preferences dialog that allows local attackers to trigger a structured exception handler SEH overwrite by supplying malicious input. Attackers can craft a payload string in the 'Language for menus and messages' field to...
CVE-2019-25681
CVE-2019-25681 affects Xlight FTP Server 3.9.1. The issue is a structured exception handler (SEH) overwrite that allows a local attacker to crash the application and overwrite SEH pointers by sending a crafted buffer. Specifically, a 428-byte payload injected via the program execution field in th...
CVE-2019-25681 Xlight FTP Server 3.9.1 SEH Overwrite Buffer Overflow
Xlight FTP Server 3.9.1 contains a structured exception handler SEH overwrite vulnerability that allows local attackers to crash the application and overwrite SEH pointers by supplying a crafted buffer string. Attackers can inject a 428-byte payload through the program execution field in virtual...
CVE-2019-25656
CVE-2019-25656 affects R i386 3.5.0. The vulnerability is a local buffer overflow in the GUI Preferences dialog, allowing a local attacker to trigger a structured exception handler (SEH) overwrite by supplying malicious input. An attacker can craft a payload in the 'Language for menus and message...
CVE-2019-25656 R i386 3.5.0 Local Buffer Overflow SEH
R i386 3.5.0 contains a local buffer overflow vulnerability in the GUI Preferences dialog that allows local attackers to trigger a structured exception handler SEH overwrite by supplying malicious input. Attackers can craft a payload string in the 'Language for menus and messages' field to...
CVE-2019-25656
R i386 3.5.0 contains a local buffer overflow vulnerability in the GUI Preferences dialog that allows local attackers to trigger a structured exception handler SEH overwrite by supplying malicious input. Attackers can craft a payload string in the 'Language for menus and messages' field to...
CVE-2019-25656 R i386 3.5.0 Local Buffer Overflow SEH
R i386 3.5.0 contains a local buffer overflow vulnerability in the GUI Preferences dialog that allows local attackers to trigger a structured exception handler SEH overwrite by supplying malicious input. Attackers can craft a payload string in the 'Language for menus and messages' field to...
Emlog-v2.6.9-Vulnerability-Report
Emlog-v2.6.9-Vulnerability-Report CVE ID: REQUESTED D...
PT-2026-30479
River Past Video Cleaner 7.6.3 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the Lame enc.dll field. Attackers can craft a payload with 280 bytes of padding, a next structured exceptio...
PT-2026-30506
IP TOOLS 2.50 contains a local buffer overflow vulnerability in the SNMP Scanner component that allows local attackers to crash the application by supplying oversized input. Attackers can paste malicious data into the 'From Addr' and 'To Addr' fields and trigger the crash by clicking the Start...
PT-2026-30489
Xlight FTP Server 3.9.1 contains a structured exception handler SEH overwrite vulnerability that allows local attackers to crash the application and overwrite SEH pointers by supplying a crafted buffer string. Attackers can inject a 428-byte payload through the program execution field in virtual...