14 matches found
EUVD-2026-40869
An out-of-bounds heap write exists in the RAR5 recovery-volume .rev parser in WinRAR and UnRAR RecVolumes5::ReadHeader in recvol5.cpp. The RecItems vector is sized only when the first .rev file in a set is processed; subsequent .rev files supply an independent RecNum value that is validated again...
CVE-2026-41177
Squidex is an open source headless content management system and content management hub. Prior to version 7.23.0, the Squidex Restore API is vulnerable to Blind Server-Side Request Forgery SSRF. The application fails to validate the URI scheme of the user-supplied Url parameter, allowing the use ...
CVE-2026-41172
Squidex is an open source headless content management system and content management hub. Prior to version 7.23.0, an SSRF vulnerability allows a user with asset upload permission to force the server to fetch arbitrary URLs, including localhost/private network targets, and persist the response as ...
PT-2026-26955
ZOC Terminal 7.23.4 contains a buffer overflow vulnerability in the Shell field of Program Settings that allows local attackers to crash the application by supplying an excessively long string. Attackers can paste a crafted payload into the Shell configuration field and trigger a crash when...
PT-2023-8450 · Ilias · Ilias
Name of the Vulnerable Software and Affected Versions: ILIAS versions prior to 7.23 ILIAS versions 8 prior to 8.3 Description: The issue is related to the incorrect implementation of the sequence of actions in the ILIAS learning management system. It allows a remote attacker to execute arbitrary...
VulnCheck KEV: CVE-2018-11222
Local File Inclusion LFI in Artica Pandora FMS through version 7.23 allows an attacker to call any php file via the /pandoraconsole/ajax.php ajax endpoint...
SUSE CVE-2018-3161
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Partition. Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise...
SUSE CVE-2018-3284
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Serve...
CVE-2022-35239
The image file management page of SolarView Compact SV-CPT-MC310 Ver.7.23 and earlier, and SV-CPT-MC310F Ver.7.23 and earlier contains an insufficient verification vulnerability when uploading files. If this vulnerability is exploited, arbitrary PHP code may be executed if a remote authenticated...
Oracle MySQL Server Component Access Control Error Vulnerability (CNVD-2019-26527)
Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A component access control error vulnerability exists in the Server: Replication subcomponent of the MySQL Server component in Oracle MySQL, version...
mysql: Server: Security: Audit unspecified vulnerability (CPU Oct 2018)
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Security: Audit. Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to...
mysql: Server: Parser unspecified vulnerability (CPU Oct 2018)
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Parser. Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL...
Oracle MySQL Server Unauthorized Operation Vulnerability (CNVD-2018-21487)
Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in the MySQL Server component in Oracle MySQL, version 5.7.23 and earlier, and the Server: Partition subcomponent in...
Unspecified Vulnerability in Oracle MySQL Server (CNVD-2019-26721)
Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in the MySQL Server component in Oracle MySQL, version 5.7.23 and earlier, and the Server: Optimizer subcomponent in...