13 matches found
CVE-2026-43891
changedetection.io is a free open source web page change detection tool. Prior to 0.55.1, the vulnerability is caused by trusting attacker-controlled snapshot paths restored from backup files. The vulnerable flow starts in the backup restore logic. When a backup ZIP is restored, the application...
Nginx UI 安全漏洞
Nginx UI is a web interface for Nginx developed by Jacky. Versions of Nginx UI prior to 2.3.4 contained security vulnerabilities. These vulnerabilities stemmed from the backup and restoration mechanism, which allowed attackers to tamper with encrypted backup archives and inject malicious...
kernel: RDMA/rxe: Fix incomplete state save in rxe_requester
An incorrect state restoration flaw was found in the Linux kernel's RDMA rxe soft-RoCE driver in the requester packet transmission logic. A local user with access to RDMA devices can trigger this issue when network layer packet drops occur during RDMA send operations, causing the work queue eleme...
The vulnerability of the SetSmartQoSSettings.php script in D-Link DIR-846 router software allows a hacker to execute arbitrary commands.
The vulnerability of the SetSmartQoSSettings.php script of the D-Link DIR-846 router operating system is related to the restoration of unreliable data in memory due to the failure to eliminate certain elements during the processing of parameters smartqoosexpressdevices and smartqoosnormaldevices...
The vulnerability of the executable file FTSSBackupRestore.exe of the FactoryTalk Policy Manager and FactoryTalk System Services software allows a perpetrator to upload malicious configuration files.
The vulnerability of the executable file FTSSBackupRestore.exe from the manufacturing process management software FactoryTalk Policy Manager and the FactoryTalk System Services system service is related to deficiencies in the authentication process. Exploiting this vulnerability could allow...
The vulnerability of the Drools business rule management system lies in the ability to restore unreliable data in memory, allowing an attacker to execute arbitrary code.
The vulnerability of the Drools business rules management system is related to the restoration of unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the virtual learning environment Moodle, related to the restoration of unreliable data in memory, allows a perpetrator to execute arbitrary code.
The vulnerability in the virtual training environment Moodle is related to the insecure input verification during the restoration of backup files. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by loading the restored file...
The vulnerability of the JMX data management platform of Apache Geode allows an attacker to execute arbitrary code.
The vulnerability of the JMX data management platform of Apache Geode involves the restoration of unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS component in the Jackson-databind library of the FasterXML project allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS component in the Jackson-databind library of the FasterXML project is related to the restoration of unreliable data in memory. Exploiting this vulnerability may allow an attacker to compromise the confidentiality,...
The vulnerability of the oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS component in the Jackson-databind library of the FasterXML project allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS component in the Jackson-databind library of the FasterXML project is related to the restoration of unreliable data in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentialit...
The vulnerability of the Apache OFBiz resource planning software lies in its ability to restore unreliable data in memory, allowing an attacker to execute arbitrary code.
The vulnerability of Apache OFBiz’s resource planning software lies in its ability to restore unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a specially crafted request...
The vulnerability of the org.apache.activemq component in the Jackson-databind library of the FasterXML project allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the org.apache.activemq component in the Jackson-databind library of the FasterXML project relates to the restoration of unreliable data in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of protect...
Firefox XSS vulnerabilities in SessionStore
Unspecified vulnerability in the session-restore feature in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19 allows remote attackers to bypass the same origin policy, inject content into documents associated with other domains, and conduct cross-site scripting XSS attacks via unknown...