14 matches found
CyberPower < v2.8.3 - SQL Injection
A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to . id: CVE-2024-32736 info: name: CyberPower PDNU" tags: cve,cve2024,cyberpower,sqli,vkev,vuln http: - method: GET path: - "BaseURL/api/v1/confup?mode=&uid=1'%20UNION%20select%201,2,3,4,sqliteversion;--"...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the RDMA rxe driver not rejecting non-8-byte AtomicWrite payloads, potentially leading to remote...
bareiron 安全漏洞
Bareiron is a Minecraft game server developed by the P2R3 individual developer. Bareiron has a security vulnerability that stems from excessive reading of memory contents. This vulnerability could allow unverified remote attackers to cause information leakage by sending data packets...
Google Pixel 安全漏洞
Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a security vulnerability that stems from a lack of boundary checking, which could lead to remote information leakage...
CVE-2002-2148
Lucent Ascend MAX Router 5.0 and earlier, Lucent Ascend Pipeline Router 6.0.2 and earlier and Lucent DSLTerminator allows remote attackers to obtain sensitive information such as hostname, MAC, and IP address of the Ethernet interface via a discard UDP port 9 packet, which causes the device to le...
OpenPetra 安全漏洞
OpenPetra is a free management software from OpenPetra, Inc. A security vulnerability exists in openPetra version 2023.02, which originates in the serverMConference.asmx function and could allow a remote attacker to obtain sensitive information...
CVE-2023-46963
An issue in Beijing Yunfan Internet Technology Co., Ltd, Yunfan Learning Examination System v.6.5 allows a remote attacker to obtain sensitive information via the password parameter in the login function...
多款Adobe产品缓冲区错误漏洞
Adobe Acrobat is a set of PDF file editing and conversion tools. Adobe Reader is a set of PDF document reading software. Several Adobe products have an out-of-bounds read vulnerability, remote attackers can use this vulnerability to obtain sensitive information...
CVE-2021-39026
IBM Guardium Data Encryption GDE 5.0.0.2 and 5.0.0.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle...
The vulnerability of the `redirect_to` and `polymorphic_url` methods in the Action Pack component of the Ruby on Rails software framework allows for information leakage in error messages, enabling attackers to access confidential data.
The vulnerability of the redirectto and polymorphicurl methods in the Action Pack component of the Ruby on Rails software framework is related to the leakage of information in error messages. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to confidential...
EulerOS 2.0 SP8 : libvpx (EulerOS-SA-2020-1867)
According to the versions of the libvpx package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Check in libvpx, due to lack of boundaries, may read crossing the line.This can lead to a remote information leakage, without other executive...
Cisco Prime Collaboration Assurance Information Leakage Vulnerability
Cisco Prime Collaboration Assurance is a video and voice services solution. A remote information leakage vulnerability exists in Cisco Prime Collaboration Assurance. An attacker could exploit this vulnerability to obtain sensitive information and cause further attacks...
Microsoft Internet Explorer 8 IMG Tag Hijacking
Hello Full disclosure! Once again, unwinding theme HiJacking found a fun way to get the very least information about the target resource when the user is located at the attacker. Already crocked tag opens new opportunities using the method fileSize, described here:...
CVE-2002-2191
Lotus Domino 5.0.9a and earlier, even when configured with the 'DominoNoBanner=1' option, allows remote attackers to obtain potential sensitive information such as the version via a request for a non-existent .nsf database, which leaks the version in the HTTP banner...