Lucene search
K

44 matches found

Cvelist
Cvelist
added 2026/06/29 12:0 a.m.21 views

CVE-2026-51218

A heap buffer overflow in the TS7Worker::PerformFunctionWrite function /core/s7server.cpp of snap7 v1.4.3 allows attackers to cause a Denial of Service DoS via a crafted packet...

0.00303EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/29 12:0 a.m.4 views

CVE-2026-51218

A heap buffer overflow in the TS7Worker::PerformFunctionWrite function /core/s7server.cpp of snap7 v1.4.3 allows attackers to cause a Denial of Service DoS via a crafted packet...

6AI score0.00303EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.5 views

PT-2026-53751

Name of the Vulnerable Software and Affected Versions snap7 version 1.4.3 Description A heap buffer overflow occurs in the TS7Worker::PerformFunctionWrite function located in /core/s7 server.cpp. This issue allows an attacker to trigger a Denial of Service DoS by sending a specially crafted packe...

6.1AI score0.00303EPSS
Exploits0References4
Hacker One
Hacker One
added 2026/06/01 8:53 a.m.15 views

curl: heap-use-after-free in state.referer when CURLOPT_REFERER replaced or cleared after perform

Calling curleasysetoptcurl, CURLOPTREFERER, ... to replace or clear a previously-set referer after curleasyperform frees the old string via Curlsetstropt lib/setopt.c:87 but leaves data-state.referer.ptr pointing at the freed heap region. curleasygetinfoCURLINFOREFERER and curleasyduphandle then...

5.6AI score
Exploits0
OSV
OSV
added 2026/05/17 12:13 a.m.9 views

OSV-2026-759 UNKNOWN READ in bfd_getb32

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=513690224 Crash type: UNKNOWN READ Crash state: bfdgetb32 nds32elflo12reloc bfdperformrelocation...

5.8AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/05 12:0 a.m.5 views

PT-2026-23493

Name of the Vulnerable Software and Affected Versions Keycloak affected versions not specified Description A flaw exists in the IdentityBrokerService.performLogin endpoint of Keycloak that allows authentication to continue using an Identity Provider IdP even after it has been administratively...

8.1CVSS5.7AI score0.00333EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2026/02/25 12:0 a.m.9 views

PT-2026-21959

Name of the Vulnerable Software and Affected Versions OneUptime versions prior to 10.0.7 Description OneUptime, a service monitoring solution, contains an OS command injection flaw in the NetworkPathMonitor.performTraceroute function. Any authenticated project user can execute arbitrary operating...

9.9CVSS5.8AI score0.01729EPSS
Exploits1References13
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.7 views

Palantir Aries security vulnerabilities

Palantir Aries is a software distribution and management system developed by the American company Palantir. There is a security vulnerability in Palantir Aries, which stems from bypassing authentication and authorization checks. This vulnerability may allow unauthenticated clients to view system...

6.6CVSS5.8AI score0.00368EPSS
Exploits0References2
ICS
ICS
added 2025/05/29 6:0 a.m.12 views

Instantel Micromate (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to access the device's configuration port and execute commands. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability,...

9.8CVSS10AI score0.0078EPSS
Exploits1References10
CNNVD
CNNVD
added 2025/04/02 12:0 a.m.6 views

IBM TXSeries for Multiplatforms 跨站请求伪造漏洞

IBM TXSeries for Multiplatforms is a transaction monitoring and management software product from International Business Machines IBM designed to support distributed transaction processing on multiple platforms. A cross-site request forgery vulnerability exists in IBM TXSeries for Multiplatforms,...

8.8CVSS6.8AI score0.00165EPSS
Exploits0References2
CVE
CVE
added 2024/09/06 4:27 p.m.52 views

CVE-2023-39298

CVE-2023-39298 affects QNAP QTS and QuTS hero where a missing authorization vulnerability could allow local authenticated users to access data or perform actions beyond their permissions via unspecified vectors. The issue is documented to impact several QNAP operating system versions, with QuTScl...

7.8CVSS7.4AI score0.0014EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/02/20 12:0 a.m.4 views

Liferay Portal and Liferay DXP Security Vulnerabilities

Liferay Portal and Liferay DXP are both products of Liferay Inc.Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP ...

5.4CVSS6.7AI score0.00333EPSS
Exploits0References2
OSV
OSV
added 2024/02/06 10:16 p.m.5 views

CVE-2023-38579

The cross-site request forgery token in the request may be predictable or easily guessable allowing attackers to craft a malicious request, which could be triggered by a victim unknowingly. In a successful CSRF attack, the attacker could lead the victim user to carry out an action unintentionally...

8.8CVSS5.7AI score0.00232EPSS
Exploits0References1
Openbugbounty
Openbugbounty
added 2023/12/28 7:20 p.m.8 views

formation-perform-coach.fr Improper Access Control vulnerability OBB-3824515

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2023/11/30 12:0 a.m.419 views

CE Phoenix 1.0.8.20 Remote Code Execution

Exploit Title: CE Phoenix v1.0.8.20 - Remote Code Execution RCE Authenticated Date: 2023-11-25 Exploit Author: tmrswrr Category: Webapps Vendor Homepage: CE Phoenix Version: v1.0.8.20 Tested on: Softaculous Demo - CE Phoenix EXPLOIT : import requests from bs4 import BeautifulSoup import sys impor...

7.4AI score
Exploits0
Code423n4
Code423n4
added 2023/08/10 12:0 a.m.6 views

Anyone can call the perform function because there is no access control

Lines of code L31-L75 Vulnerability details Impact Anyone can call the perform function. It can lead to unauthorized changes in the security council. Proof of Concept There is no access control in the perform function and it is marked "external". function performaddress securityCouncil, address...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/08/10 12:0 a.m.12 views

Anyone can change the members of Security Council

Lines of code Vulnerability details Impact Anyone can change the members of security council by calling the function perform in the contract SecurityCouncilMemberSyncAction.sol as the function is open to all. Proof of Concept uint256 updateNonce = getUpdateNoncesecurityCouncil; if nonce =...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/08/09 12:0 a.m.8 views

The upgrade executor is granted the canceller role instead of the new emergency security council.

Lines of code Vulnerability details Impact In L1SCMgmtActivationAction.sol, the perform function is not granting role to the new emergency security council. It instead grants it to the upgrade executor. This logic doesn't align with the function inline comment and can prevent the perform function...

6.8AI score
Exploits0
ICS
ICS
added 2023/04/18 7:27 p.m.67 views

FANUC ROBOGUIDE-HandlingPRO

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely Vendor: FANUC Equipment: ROBOGUIDE-HandlingPRO Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to read and/or overwrite files on the system running the affected...

7.5CVSS7.3AI score0.00943EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2022/11/25 12:0 a.m.56 views

FreeBSD : chromium -- multiple vulnerabilities (8d3838b0-6ca8-11ed-92ce-3065ec8fd3ec)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 8d3838b0-6ca8-11ed-92ce-3065ec8fd3ec advisory. - Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who ha...

9.6CVSS8.9AI score0.31864EPSS
Exploits1References3
Rows per page
Query Builder