Lucene search
K

26 matches found

NVD
NVD
added 2025/07/08 7:15 p.m.5 views

CVE-2025-27367

IBM OpenPages with Watson 8.3 and 9.0 is vulnerable to improper input validation due to bypassing of client-side validation for the data types and requiredness of fields for GRC Objects when an authenticated user sends a specially crafted payload to the server allowing for data to be saved withou...

6.5CVSS0.00221EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/08 12:0 a.m.5 views

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from a memory corruption when processing a specially crafted payload in the video firmware...

7.8CVSS6.6AI score0.00087EPSS
Exploits0References1
OSV
OSV
added 2025/01/27 7:12 a.m.6 views

BIT-KIBANA-2024-43708

An allocation of resources without limits or throttling in Kibana can lead to a crash caused by a specially crafted payload to a number of inputs in Kibana UI. This can be carried out by users with read access to any feature in Kibana...

6.5CVSS6.2AI score0.00368EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2024/01/31 12:0 a.m.1493 views

Trojan.Win32 BankShot MVID-2024-0669 Buffer Overflow

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/f2fd6a7b400782bb43499e722fb62cf4.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32 BankShot Vulnerability: Remote Stack Buffer Overflow SEH Description: The...

7.4AI score
Exploits0
RedhatCVE
RedhatCVE
added 2023/12/12 9:55 p.m.14 views

CVE-2023-49994

A flaw was found in the espeak-ng package. A local attacker can use a specially crafted payload to trigger a floating point exception error, which may lead to a denial of service. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red H...

5.5CVSS6.5AI score0.00376EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2023/12/12 9:55 p.m.14 views

CVE-2023-49993

A flaw was found in the espeak-ng package. A local attacker can use a specially crafted payload to trigger a buffer overflow condition, which may lead to an application crash or allow for arbitrary code execution. Mitigation Mitigation for this issue is either not available or the currently...

5.3CVSS7.5AI score0.00405EPSS
Exploits1References3
OSV
OSV
added 2023/12/08 3:23 p.m.11 views

GHSA-7787-P7X6-FQ3J Candid infinite decoding loop through specially crafted payload

Impact The Candid library causes a Denial of Service while parsing a specially crafted payload with empty data type. For example, if the payload is record ; empty and the canister interface expects record then the rust candid decoder treats empty as an extra field required by the type. The proble...

7.5CVSS7.5AI score0.01212EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2023/12/08 3:15 p.m.35 views

CVE-2023-6245

The Candid library causes a Denial of Service while parsing a specially crafted payload with 'empty' data type. For example, if the payload is record ; empty and the canister interface expects record then the Rust candid decoder treats empty as an extra field required by the type. The problem wit...

7.5CVSS7.2AI score0.01212EPSS
Exploits0References6
OSV
OSV
added 2023/12/08 12:0 p.m.40 views

RUSTSEC-2023-0073 Infinite decoding loop through specially crafted payload

The Candid library causes a Denial of Service while parsing a specially crafted payload with empty data type. For example, if the payload is record ; empty and the canister interface expects record then the rust candid decoder treats empty as an extra field required by the type. The problem with...

7.5CVSS7.4AI score0.01212EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2023/12/07 12:35 p.m.35 views

CVE-2023-46751

A flaw was found in Ghostscript. A remote attacker may use a specially crafted payload to trigger access to previously freed memory, which can potentially lead to remote code execution or an application crash. Mitigation Mitigation for this issue is either not available or the currently available...

7.5CVSS7.8AI score0.0153EPSS
Exploits0References3
Prion
Prion
added 2023/01/23 5:15 p.m.19 views

Command injection

The management portal component of JetNexus/EdgeNexus ADC 4.2.8 was discovered to contain a command injection vulnerability. This vulnerability allows authenticated attackers to execute arbitrary commands through a specially crafted payload. This vulnerability can also be exploited from an...

6.5CVSS9AI score0.03546EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/09/14 11:15 a.m.11 views

Cross site scripting

PayMoney 3.3 is vulnerable to Stored Cross-Site Scripting XSS during replying the ticket. The XSS can be obtain from injecting under "Message" field with "description" parameter with the specially crafted payload to gain Stored XSS. The XSS then will prompt after that or can be access from the vi...

4.9CVSS5.2AI score0.0049EPSS
Exploits2References2Affected Software1
Prion
Prion
added 2022/06/26 1:15 p.m.19 views

Cross site scripting

Persistent XSS in Galaxkey Secure Mail Client in Galaxkey up to 5.6.11.5 allows an attacker to perform an account takeover by intercepting the HTTP Post request when sending an email and injecting a specially crafted XSS payload in the 'subject' field. The payload executes when the recipient logs...

3.5CVSS5.2AI score0.00734EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/06/26 12:33 p.m.32 views

CVE-2020-27509

Persistent XSS in Galaxkey Secure Mail Client in Galaxkey up to 5.6.11.5 allows an attacker to perform an account takeover by intercepting the HTTP Post request when sending an email and injecting a specially crafted XSS payload in the 'subject' field. The payload executes when the recipient logs...

5.2AI score0.00734EPSS
Exploits0References1
CNVD
CNVD
added 2022/06/09 12:0 a.m.24 views

Online Market Place Site Cross-Site Scripting Vulnerability

Online Market Place Site is an online marketplace site. v1.0 of Online Market Place Site is vulnerable to a cross-site scripting vulnerability in which the Page parameter in the source/omps/seller lacks a checksum filter for user-supplied data and output data. An attacker could use the...

3.5CVSS1.9AI score0.00476EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2022/03/31 12:0 a.m.19 views

Sourcecodester Hospital Patient Records Management System跨站脚本漏洞(CNVD-2022-48761)

Sourcecodester Hospital Patient Records Management System is a Web-based application that provides an automated platform for hospitals to store and manage their patient records. A cross-site scripting vulnerability exists in version 1.0, which stems from the lack of proper validation of client-si...

5.4CVSS1.7AI score0.00487EPSS
Exploits1References1
0day.today
0day.today
added 2021/09/24 12:0 a.m.269 views

Microsoft Windows cmd.exe - Stack Buffer Overflow Vulnerability

Title: Microsoft Windows cmd.exe - Stack Buffer Overflow Author: John Page aka hyp3rlinx Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-CMD.EXE-STACK-BUFFER-OVERFLOW.txt ISR: ApparitionSec Vendor www.microsoft.com Product cmd.exe is the default command-line interpreter for t...

7.4AI score
Exploits0
CNVD
CNVD
added 2021/09/10 12:0 a.m.18 views

JEESNS Stored Cross-Site Scripting Vulnerability (CNVD-2021-74056)

JEESNS is a social management system developed on the JAVA enterprise platform. The vulnerability can be exploited to execute arbitrary Web script or HTML via a specially crafted payload in the editor's source field...

5.4CVSS1.6AI score0.00558EPSS
Exploits1References1
CNVD
CNVD
added 2021/09/10 12:0 a.m.14 views

JEESNS Stored Cross-Site Scripting Vulnerability (CNVD-2021-74057)

JEESNS is a social management system developed on the JAVA enterprise platform. The vulnerability can be exploited to execute arbitrary Web script or HTML via a specially crafted payload in the header...

5.4CVSS1.5AI score0.00687EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2021/03/14 12:0 a.m.301 views

Trojan-Proxy.Win32.Wimain Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/8936c97e99799809812fa740076a2d7f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Proxy.Win32.Wimain Vulnerability: Remote Stack Buffer Overflow Description: Win32.Wimain troj...

0.6AI score
Exploits0
Rows per page
Query Builder