51 matches found
CVE-2025-4992
A stored Cross-site Scripting XSS vulnerability affecting Service Items Management in Service Process Engineer from Release 3DEXPERIENCE R2024x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session...
CVE-2025-4992
A stored Cross-site Scripting XSS vulnerability affecting Service Items Management in Service Process Engineer from Release 3DEXPERIENCE R2024x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session...
CVE-2025-4992 Stored Cross-site Scripting (XSS) vulnerability affecting Service Items Management in Service Process Engineer from Release 3DEXPERIENCE R2024x through Release 3DEXPERIENCE R2025x
A stored Cross-site Scripting XSS vulnerability affecting Service Items Management in Service Process Engineer from Release 3DEXPERIENCE R2024x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session...
CVE-2025-4992 Stored Cross-site Scripting (XSS) vulnerability affecting Service Items Management in Service Process Engineer from Release 3DEXPERIENCE R2024x through Release 3DEXPERIENCE R2025x
A stored Cross-site Scripting XSS vulnerability affecting Service Items Management in Service Process Engineer from Release 3DEXPERIENCE R2024x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session...
Dassault Systèmes Service Process Engineer 跨站脚本漏洞
Dassault Systèmes Service Process Engineer is a service process engineer from Dassault Systèmes France. A cross-site scripting vulnerability exists in Dassault Systèmes Service Process Engineer 3DEXPERIENCE R2024x through 3DEXPERIENCE R2025x versions, which originates from stored cross-site...
PT-2025-23305 · Unknown · Service Process Engineer
Name of the Vulnerable Software and Affected Versions: Service Process Engineer versions 3DEXPERIENCE R2024x through 3DEXPERIENCE R2025x Description: A stored Cross-site Scripting XSS issue affects Service Items Management in Service Process Engineer, allowing an attacker to execute arbitrary...
EulerOS 2.0 SP12 : krb5 (EulerOS-SA-2025-1424)
According to the versions of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in krb5. With incremental propagation enabled, an authenticated attacker can cause kadmind to write beyond the end of the mapped...
CVE-2024-9627
The TeploBot - Telegram Bot for WP plugin for WordPress is vulnerable to sensitive information disclosure due to missing authorization checks on the 'serviceprocess' function in all versions up to, and including, 1.3. This makes it possible for unauthenticated attackers to view the Telegram Bot...
WordPress plugin TeploBot - Telegram Bot for WP 信息泄露漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin...
CVE-2021-0263
A Data Processing vulnerability in the Multi-Service process multi-svcs on the FPC of Juniper Networks Junos OS on the PTX Series routers may lead to the process becoming unresponsive, ultimately affecting traffic forwarding, allowing an attacker to cause a Denial of Service DoS condition . The...
CVE-2021-0263
A Data Processing vulnerability in the Multi-Service process multi-svcs on the FPC of Juniper Networks Junos OS on the PTX Series routers may lead to the process becoming unresponsive, ultimately affecting traffic forwarding, allowing an attacker to cause a Denial of Service DoS condition . The...
Command injection
A Data Processing vulnerability in the Multi-Service process multi-svcs on the FPC of Juniper Networks Junos OS on the PTX Series routers may lead to the process becoming unresponsive, ultimately affecting traffic forwarding, allowing an attacker to cause a Denial of Service DoS condition . The...
CVE-2021-0263 Junos OS: PTX Series: Denial of Service in packet processing due to heavy route churn when J-Flow sampling is enabled
A Data Processing vulnerability in the Multi-Service process multi-svcs on the FPC of Juniper Networks Junos OS on the PTX Series routers may lead to the process becoming unresponsive, ultimately affecting traffic forwarding, allowing an attacker to cause a Denial of Service DoS condition . The...
CVE-2021-0263
Summary: CVE-2021-0263 describes a DoS in Juniper Junos OS PTX Series caused by heavy J-Flow sampling churn in the Multi-Service process (multi-svcs) on the FPC, which can stall the KRT queue and halt updates, impacting traffic forwarding. Affected component is the Multi-Service process running o...
CVE-2021-1414
Multiple vulnerabilities in the web-based management interface of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute arbitrary code with elevated privileges equivalent to the web service process on an affected device. These...
CVE-2017-5332
The extractgroupiconcursorresource in wrestool/extract.c in icoutils before 0.31.1 can access unallocated memory, which allows local users to cause a denial of service process crash and execute arbitrary code via a crafted executable...
Design/Logic Flaw
In K7 Antivirus Premium 16.0.xxx through 16.0.0120; K7 Total Security 16.0.xxx through 16.0.0120; and K7 Ultimate Security 16.0.xxx through 16.0.0120, the module K7TSHlpr.dll improperly validates the administrative privileges of the user, allowing arbitrary registry writes in the K7AVOptn.dll...
CVE-2019-14684
A DLL hijacking vulnerability exists in Trend Micro Password Manager 5.0 in which, if exploited, would allow an attacker to load an arbitrary unsigned DLL into the signed service's process. This process is very similar, yet not identical to CVE-2019-14687...
Linux kernel NFS41+ subsystem memory misreference vulnerability
The Linux kernel is the kernel used by Linux, an open source operating system released by the Linux Foundation in the U.S. The NFS41+ subsystem is one of the file subsystems. A memory misreference vulnerability exists in the 'make bcsvcprocess' function of the NFS41+ subsystem in the Linux kernel...
SUSE-SU-2017:1379-1 Security update for libplist
This update for libplist fixes the following issues: - CVE-2017-5209: The base64decode function in libplist allowed attackers to obtain sensitive information from process memory or cause a denial of service buffer over-read via split encoded Apple Property List data bsc1019531. - CVE-2017-5545: T...