Lucene search
K

22 matches found

NVD
NVD
added 2026/06/25 7:16 p.m.9 views

CVE-2026-56790

CANBoat through 6.22, fixed in commit a5a22b7, contains an off-by-one global buffer overflow in the searchForPgn function in analyzer/pgn.c that allows remote attackers to crash the application. Attackers can deliver a crafted NMEA-2000 message with an out-of-range PGN value over CAN bus or...

7.3CVSS0.00215EPSS
Exploits0References4
CVE
CVE
added 2026/06/25 6:14 p.m.12 views

CVE-2026-56790

CANBoat (up to version 6.22) contains an off-by-one global buffer overflow in analyzer/pgn.c:searchForPgn() that can crash the application when processing a crafted NMEA-2000 message with an out-of-range PGN sent over CAN bus or N2K-over-IP. The root cause is an out-of-bounds array access. The is...

7.3CVSS6.2AI score0.00215EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/25 6:14 p.m.4 views

EUVD-2026-39532

CANBoat through 6.22, fixed in commit a5a22b7, contains an off-by-one global buffer overflow in the searchForPgn function in analyzer/pgn.c that allows remote attackers to crash the application. Attackers can deliver a crafted NMEA-2000 message with an out-of-range PGN value over CAN bus or...

7.3CVSS6.2AI score0.00215EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/12 2:20 a.m.14 views

CVE-2026-34260 SQL injection vulnerability in SAP S/4HANA (SAP Enterprise Search for ABAP)

SAP S/4HANA SAP Enterprise Search for ABAP contains a SQL injection vulnerability that allows an authenticated attacker to inject malicious SQL statements through user-controlled input. The application directly concatenates this malicious user input into SQL queries, which are then passed to the...

9.6CVSS5.9AI score0.00466EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/27 6:31 p.m.5 views

EUVD-2025-36219

Reflected Cross Site Scripting vulnerability in Rubikon Banking Solution 4.0.3 in the "Search For Customers Information" endpoints...

5.4CVSS5.9AI score0.00158EPSS
Exploits0References2
NVD
NVD
added 2025/10/27 6:15 p.m.18 views

CVE-2025-60983

Reflected Cross Site Scripting vulnerability in Rubikon Banking Solution 4.0.3 in the "Search For Customers Information" endpoints...

5.4CVSS0.00158EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/27 12:0 a.m.4 views

CVE-2025-60983

Reflected Cross Site Scripting vulnerability in Rubikon Banking Solution 4.0.3 in the "Search For Customers Information" endpoints...

6.1AI score0.00158EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-28183

Malicious code in bioql PyPI...

4.3CVSS5.1AI score0.00128EPSS
Exploits0References1
Prion
Prion
added 2019/06/20 2:15 p.m.13 views

Design/Logic Flaw

A "search for user discovery" injection issue exists in Creatiwity wityCMS 0.6.2 via the "Utilisateur" menu. No input parameters are filtered, e.g., the /admin/user/users Nickname, email, firstname, lastname, and groupe parameters...

4CVSS5AI score0.00931EPSS
Exploits1References1Affected Software1
n0where
n0where
added 2018/11/20 11:32 p.m.188 views

Nmap Web Dashboard and Reporting: WebMap

Features Import and parse Nmap XML files Statistics and Charts on discovered services, ports, OS, etc… Inspect a single host by clicking on its IP address Attach labels on a host Insert notes for a specific host Create a PDF Report with charts, details, labels and notes Copy to clipboard as Nikto...

6.4AI score
Exploits0References1
CNVD
CNVD
added 2018/11/20 12:0 a.m.2 views

Library Management System SQL Injection Vulnerability

Library Management System is a library management system. A SQL injection vulnerability exists in Library Management System version 1.0. A remote attacker can use the 'Search for Books' page to view, add, modify, or delete information in the back-end database...

9.8CVSS7.9AI score0.01587EPSS
Exploits5References1
NVD
NVD
added 2018/11/16 6:29 p.m.15 views

CVE-2018-18796

Library Management System 1.0 has SQL Injection via the "Search for Books" screen...

9.8CVSS10AI score0.01587EPSS
Exploits5References1
OSV
OSV
added 2018/11/16 6:29 p.m.3 views

CVE-2018-18796

Library Management System 1.0 has SQL Injection via the "Search for Books" screen...

9.8CVSS5.8AI score0.01587EPSS
Exploits5References1
CVE
CVE
added 2018/11/16 6:0 p.m.55 views

CVE-2018-18796

The CVE-2018-18796 entry corresponds to a SQL Injection vulnerability in Library Management System 1.0, exploitable via the frmListBooks/Search for Books path. Public details show the vulnerability arises from unsafe SQL construction in the frmListBooks flow (e.g., textSearch input), with PoC and...

9.8CVSS9.9AI score0.01587EPSS
Exploits5References1Affected Software1
Cvelist
Cvelist
added 2018/11/16 6:0 p.m.15 views

CVE-2018-18796

Library Management System 1.0 has SQL Injection via the "Search for Books" screen...

10AI score0.01587EPSS
Exploits5References1
OpenVAS
OpenVAS
added 2018/02/12 12:0 a.m.30 views

LiveZilla 'knowledgebase.php' Cross Site Scripting Vulnerability

LiveZilla is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

6.1CVSS6AI score0.01341EPSS
Exploits2References3
CNVD
CNVD
added 2018/02/06 12:0 a.m.4 views

Project-Pier ProjectPier-Core Cross-Site Scripting Vulnerability

Project-Pier ProjectPier-Core is a free open source project management system. Multiple cross-site scripting vulnerabilities exist in Project-Pier ProjectPier-Core. A remote attacker can inject arbitrary web script or HTML by sending the 'searchfor' parameter to the searchbytag.php file,...

6.1CVSS6.1AI score0.01084EPSS
Exploits1References1
OSV
OSV
added 2018/01/18 2:29 p.m.4 views

CVE-2017-15869

Cross-site scripting XSS vulnerability in knowledgebase.php in LiveZilla before 7.0.8.9 allows remote attackers to inject arbitrary web script or HTML via the search-for parameter...

6.1CVSS5.9AI score0.01341EPSS
Exploits2References3
Cvelist
Cvelist
added 2018/01/18 2:0 p.m.23 views

CVE-2017-15869

Cross-site scripting XSS vulnerability in knowledgebase.php in LiveZilla before 7.0.8.9 allows remote attackers to inject arbitrary web script or HTML via the search-for parameter...

6.1AI score0.01341EPSS
Exploits2References3
CNVD
CNVD
added 2018/01/18 12:0 a.m.4 views

LiveZilla knowledgebase.php file cross-site scripting vulnerability

LiveZilla is a free online customer service system from the German company LiveZilla. The system provides real-time monitoring of visitors, offline messages, GeoTracking map tracking, access statistics, online chat and other features. A cross-site scripting vulnerability exists in the...

6.1CVSS5.9AI score0.01341EPSS
Exploits2References1
Rows per page
Query Builder