CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

21 matches found

NVD•added 2025/11/25 9:15 p.m.•6 views

CVE-2025-51746

An issue was discovered in jishenghua JSHERP 2.3.1. The /serialNumber/addSerialNumber endpoint is vulnerable to fastjson deserialization attacks...

9.8CVSS0.00146EPSS

Exploits0References4

OSV•added 2025/11/25 9:15 p.m.•3 views

CVE-2025-51746

An issue was discovered in jishenghua JSHERP 2.3.1. The /serialNumber/addSerialNumber endpoint is vulnerable to fastjson deserialization attacks...

9.8CVSS7AI score

Exploits0References4

CNNVD•added 2025/11/25 12:0 a.m.•3 views

jshERP 安全漏洞

jshERP Huaxia ERP is a homegrown ERP system by the individual developer of Ji Sheng Hua in China. A security vulnerability exists in jshERP version 2.3.1, which originates from the serialNumber/addSerialNumber endpoint being vulnerable to Fastjson deserialization attack...

9.8CVSS6.8AI score0.00146EPSS

Exploits0References5

EUVD•added 2025/10/07 12:30 a.m.•0 views

EUVD-2012-0103

Malware in sbrugna...

4.6CVSS6AI score0.00255EPSS

Exploits0References12

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2012-3768

Malware in sbrugna...

4.3CVSS4.9AI score0.0037EPSS

Exploits2References6

OSV•added 2021/04/19 9:15 p.m.•0 views

CVE-2020-27241

An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3. The serialnumber parameter in the getAssets.jsp page is vulnerable to unauthenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...

9.8CVSS6.8AI score0.00325EPSS

Exploits1References1

CNVD•added 2021/04/16 12:0 a.m.•5 views

OpenClinic GA SQL Injection Vulnerability (CNVD-2021-29429)

OpenClinic GA is an open source hospital integrated information management system . An SQL injection vulnerability exists in the serialnumber parameter in getAssets.jsp in OpenClinic GA version 5.173.3. An attacker can exploit this vulnerability by sending an HTTP request to perform a SQL injecti...

9.8CVSS7.3AI score0.00325EPSS

Exploits1References1

CNNVD•added 2021/04/13 12:0 a.m.•1 views

OpenClinic GA SQL注入漏洞

9.8CVSS5.9AI score0.00325EPSS

Exploits1References4

NVD•added 2020/02/28 9:15 p.m.•10 views

CVE-2019-10804

serial-number through 1.3.0 allows execution of arbritary commands. The "cmdPrefix" argument in serialNumber function is used by the "exec" function without any validation...

9.8CVSS9.5AI score0.00578EPSS

Exploits1References2

NVD•added 2020/01/10 8:15 p.m.•8 views

CVE-2012-3821

A Security Bypass vulnerability exists in the activate.asp page in Arial Software Campaign Enterprise 11.0.551, which could let a remote malicious user modify the SerialNumber field...

4.3CVSS4.7AI score0.0037EPSS

Exploits2References5

Prion•added 2020/01/10 8:15 p.m.•10 views

Security feature bypass

A Security Bypass vulnerability exists in the activate.asp page in Arial Software Campaign Enterprise 11.0.551, which could let a remote malicious user modify the SerialNumber field...

4CVSS7AI score0.0037EPSS

Exploits2References5Affected Software1

Cvelist•added 2020/01/10 7:21 p.m.•10 views

CVE-2012-3821

A Security Bypass vulnerability exists in the activate.asp page in Arial Software Campaign Enterprise 11.0.551, which could let a remote malicious user modify the SerialNumber field...

5AI score0.0037EPSS

Exploits2References5

Prion•added 2014/08/14 2:55 p.m.•8 views

Sql injection

Multiple SQL injection vulnerabilities in Campaign11.exe in Arial Software Campaign Enterprise before 11.0.551 allow remote attackers to execute arbitrary SQL commands via the 1 SerialNumber field to activate.asp or 2 UID field to User-Edit.asp...

7.5CVSS9.2AI score0.00417EPSS

Exploits2References5Affected Software1

NVD•added 2012/10/06 9:55 p.m.•7 views

CVE-2012-0065

Heap-based buffer overflow in the receivepacket function in libusbmuxd/libusbmuxd.c in usbmuxd 1.0.5 through 1.0.7 allows physically proximate attackers to execute arbitrary code via a long SerialNumber field in a property list...

4.6CVSS7.6AI score0.00255EPSS

Exploits0References10

Prion•added 2012/10/06 9:55 p.m.•15 views

Heap overflow

4.6CVSS8.3AI score0.00255EPSS

Exploits0References10Affected Software1

Debian CVE•added 2012/10/06 9:0 p.m.•11 views

CVE-2012-0065

4.6CVSS6AI score0.00255EPSS

Exploits0

Cvelist•added 2012/10/06 9:0 p.m.•13 views

CVE-2012-0065

7.5AI score0.00255EPSS

Exploits0References10

Tenable Nessus•added 2012/09/06 12:0 a.m.•19 views

Mandriva Linux Security Advisory : usbmuxd (MDVSA-2012:133)

It was discovered that usbmuxd did not correctly perform bounds checking when processing the SerialNumber field of USB devices. An attacker with physical access could use this to crash usbmuxd or potentially execute arbitrary code as the 'usbmux' user CVE-2012-0065. The updated packages have been...

4.6CVSS5.7AI score0.00255EPSS

Exploits0References1

Tenable Nessus•added 2012/02/20 12:0 a.m.•21 views

Fedora 15 : usbmuxd-1.0.7-3.fc15 (2012-1213)

Fixes CVE-2012-0065 It was discovered that usbmuxd did not correctly perform bounds checking when processing the SerialNumber field of USB devices. An attacker with physical access could use this to crash usbmuxd or potentially execute arbitrary code as the 'usbmux' user. Note that Tenable Networ...

4.6CVSS5.8AI score0.00255EPSS

Exploits0References3