Lucene search
K

18 matches found

CVE
CVE
added 10 hours ago10 views

CVE-2026-10055

CVE-2026-10055 affects Eclipse Theia (since 1.26.0). The issue arises in the backend /services/request-service RPC, which accepts an attacker-controlled URL from any client connected to the standard /services messaging endpoint, then performs the HTTP request server-side and returns the full resp...

8.5CVSS6AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added 10 hours ago5 views

CVE-2026-10055

In Eclipse Theia since version 1.26.0, the backend /services/request-service RPC accepts an attacker-controlled URL from any client connected to the standard /services messaging endpoint, performs the HTTP request server-side, and returns the full response body to the caller. Because the...

8.5CVSS6AI score
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/06/01 2:15 a.m.45 views

CVE-2026-10215 Dolibarr ERP CRM Leave Request REST API api_holidays.class.php checkUserAccessToObject improper authorization

A security vulnerability has been detected in Dolibarr ERP CRM up to 23.0.1. Impacted is the function checkUserAccessToObject of the file htdocs/holiday/class/apiholidays.class.php of the component Leave Request REST API. The manipulation leads to improper authorization. The attack may be initiat...

5.3CVSS0.00259EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2020/12/01 3:26 p.m.2 views

Mozilla: Use-after-free in WebRequestService

During browser shutdown, reference decrementing could have occured on a previously freed object, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox 83, Firefox ESR 78.5, and Thunderbird 78.5...

8.8CVSS7.4AI score0.01275EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/11/30 8:27 p.m.4 views

Mozilla: Use-after-free in WebRequestService

During browser shutdown, reference decrementing could have occured on a previously freed object, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox 83, Firefox ESR 78.5, and Thunderbird 78.5...

8.8CVSS7.4AI score0.01275EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/11/30 9:0 a.m.4 views

Mozilla: Use-after-free in WebRequestService

During browser shutdown, reference decrementing could have occured on a previously freed object, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox 83, Firefox ESR 78.5, and Thunderbird 78.5...

8.8CVSS7.4AI score0.01275EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/11/30 8:55 a.m.8 views

Mozilla: Use-after-free in WebRequestService

During browser shutdown, reference decrementing could have occured on a previously freed object, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox 83, Firefox ESR 78.5, and Thunderbird 78.5...

8.8CVSS7.4AI score0.01275EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/11/30 8:51 a.m.4 views

Mozilla: Use-after-free in WebRequestService

During browser shutdown, reference decrementing could have occured on a previously freed object, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox 83, Firefox ESR 78.5, and Thunderbird 78.5...

8.8CVSS7.4AI score0.01275EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/11/30 8:37 a.m.4 views

Mozilla: Use-after-free in WebRequestService

During browser shutdown, reference decrementing could have occured on a previously freed object, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox 83, Firefox ESR 78.5, and Thunderbird 78.5...

8.8CVSS7.4AI score0.01275EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2019/09/02 12:0 a.m.6 views

The vulnerability in the web interface of the Cisco Integrated Management Controller, a software tool for remote administration of servers, allows a perpetrator to execute arbitrary commands with root privileges.

The vulnerability of the web interface for managing Cisco Integrated Management Controllers involves errors during the verification of data entered by the user in the Certificate Request Service function. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands with ro...

9CVSS5.8AI score0.0182EPSS
Exploits0References2
Prion
Prion
added 2014/08/01 11:13 a.m.13 views

Directory traversal

Multiple directory traversal vulnerabilities in crs.exe in the Cell Request Service in HP Data Protector allow remote attackers to create arbitrary files via an opcode-1091 request, or create or delete arbitrary files via an opcode-305 request. NOTE: the vendor reportedly asserts that this behavi...

6.4CVSS7.5AI score0.34765EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2014/08/01 10:0 a.m.43 views

CVE-2014-5160

HP Data Protector’s Cell Request Service crs.exe is affected by two directory traversal vulnerabilities (opcode 1091 and 305). The flaws allow remote, unauthenticated attackers to write or delete arbitrary files, with potential code execution in the service context. Affected component is crs.exe ...

6.4CVSS7.1AI score0.34765EPSS
Exploits0References2Affected Software1
Packet Storm
Packet Storm
added 2013/10/14 12:0 a.m.40 views

HP Data Protector Cell Request Service Buffer Overflow

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'HP Data Protector Cell Request Servic...

10CVSS1.1AI score0.90162EPSS
Exploits8
Check Point Advisories
Check Point Advisories
added 2013/09/29 12:0 a.m.2 views

HP Data Protector CRS Opcode 235 Stack Buffer Overflow (CVE-2013-2325)

A stack buffer overflow has been discovered in HP Data Protector. The vulnerability exists in the Cell Request service crs.exe, which listens on a randomly chosen port. The application fails to sanitize input with opcode 235, which can result in a stack buffer overflow. A remote, unauthenticated...

10CVSS6.9AI score0.61043EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2013/09/03 12:0 a.m.4 views

HP Data Protector CRS Opcode 227 Stack Buffer Overflow (CVE-2013-2335)

A stack buffer overflow vulnerability has been discovered in HP Data Protector. The vulnerability exists in the Cell Request Service crs.exe, which listens on a randomly chosen port. The application fails to sanitize input with opcode 227, which can result in a stack buffer overflow. A remote,...

10CVSS7.7AI score0.61043EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2013/07/30 12:0 a.m.2 views

HP Data Protector CRS Opcode 234 Stack Buffer Overflow (CVE-2013-2326)

A buffer overflow has been reported in HP Data Protector. The vulnerability exists in the Cell Request Service crs.exe, which listens on a randomly chosen port. The application fails to sanitize input with opcode 234, which can result in a stack buffer overflow. A remote, unauthenticated attacker...

10CVSS7.7AI score0.61043EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2013/07/14 12:0 a.m.4 views

HP Data Protector CRS Opcode 305 Stack Buffer Overflow (CVE-2013-2330)

A stack buffer overflow has been reported in HP Data Protector. The vulnerability is in the Cell Request service, which listens on a randomly chosen port. The application fails to sanitize input with opcode 305, which can result in a stack-based buffer overflow. A remote, unauthenticated attacker...

10CVSS7.7AI score0.61043EPSS
Exploits0
Exploit DB
Exploit DB
added 2000/05/31 12:0 a.m.28 views

Microsoft Windows Media Services 4.0/4.1 - Denial of Service (MS00-038)

// source: https://www.securityfocus.com/bid/1282/info Windows Media Encoder is part of Windows Media Services. It's purpose is to convert content into a suitable format for video or audio streaming through the Media Services. If a specially malformed request is sent to the Windows Media Encoder ...

7AI score
Exploits0
Rows per page
Query Builder