7955 matches found
PT-2026-36881
Name of the Vulnerable Software and Affected Versions OpenC3 COSMOS versions 6.7.0 through 7.0.0-rc3 Description The Time-Series Database TSDB component contains a SQL injection flaw. The tsdb lookup function within the cvt model.rb file incorporates user-supplied input into a SQL query without...
BorG SPM SQL注入漏洞
BorG SPM is a software platform developed by BorG in Taiwan, China, used for system performance monitoring and resource management analysis. The BorG SPM 2007 version contains an SQL injection vulnerability. This vulnerability arises from SQL injections, allowing unauthenticated remote attackers ...
SQL Injection
Overview Affected versions of this package are vulnerable to SQL Injection when using the simple protocol with dollar quoted string literals. An attacker can execute arbitrary SQL commands by crafting input that is interpreted as a placeholder within a dollar quoted string literal. Note: This is...
EUVD-2018-21775
MAGIX Music Editor 3.1 contains a buffer overflow vulnerability in the FreeDB Proxy Options dialog that allows local attackers to execute arbitrary code by exploiting structured exception handling. Attackers can craft a malicious payload, paste it into the Server field via the CD menu's FreeDB...
EUVD-2018-21783
UltraISO 9.7.1.3519 contains a local buffer overflow vulnerability in the Output FileName field of the Make CD/DVD Image dialog that allows attackers to overwrite SEH and SE handler records. Attackers can craft a malicious filename string with 304 bytes of data followed by SEH record overwrite...
EUVD-2018-21780
LanSpy 2.0.1.159 contains a local buffer overflow vulnerability in the scan section that allows local attackers to execute arbitrary code by exploiting structured exception handling mechanisms. Attackers can craft malicious payloads using egghunter techniques to locate and execute shellcode,...
EUVD-2018-21776
Iperius Backup 5.8.1 contains a local buffer overflow vulnerability in the structured exception handling SEH mechanism that allows local attackers to execute arbitrary code by supplying a malicious file path. Attackers can create a backup job with a crafted payload in the external file location...
GHSA-QXPQ-82F3-XJ47 CI4MS: Backup Management Full Account Takeover for All Roles & Privilege Escalation via Stored DOM Blind XSS
An attacker can achieve Full Account Takeover and Privilege Escalation via Stored DOM XSS in the backup module's filename field, which is manipulated through an SQL file that tampers with the filename field to contain a hidden XSS payload...
CVE-2018-25265
LanSpy 2.0.1.159 contains a local buffer overflow vulnerability in the scan section that allows local attackers to execute arbitrary code by exploiting structured exception handling mechanisms. Attackers can craft malicious payloads using egghunter techniques to locate and execute shellcode,...
CVE-2018-25259
Terminal Services Manager 3.1 contains a stack-based buffer overflow vulnerability in the computer names field that allows local attackers to execute arbitrary code by triggering structured exception handling. Attackers can craft a malicious input file with shellcode and jump instructions that...
CVE-2018-25267
UltraISO 9.7.1.3519 contains a local buffer overflow in the Output FileName field of the Make CD/DVD Image dialog, allowing an attacker to overwrite SEH/SE handler records with a crafted 304-byte payload, triggering a denial‑of‑service crash. The vulnerability is actionable locally; no exploit de...
CVE-2018-25267 UltraISO 9.7.1.3519 Buffer Overflow via Output FileName
UltraISO 9.7.1.3519 contains a local buffer overflow vulnerability in the Output FileName field of the Make CD/DVD Image dialog that allows attackers to overwrite SEH and SE handler records. Attackers can craft a malicious filename string with 304 bytes of data followed by SEH record overwrite...
CVE-2018-25265
LanSpy 2.0.1.159 contains a local buffer overflow vulnerability in the scan section that allows local attackers to execute arbitrary code by exploiting structured exception handling mechanisms. Attackers can craft malicious payloads using egghunter techniques to locate and execute shellcode,...
CVE-2018-25265
CVE-2018-25265 affects LanSpy 2.0.1.159 with a local buffer overflow in the scan section that can lead to arbitrary code execution. Attackers can craft payloads using egghunter techniques to locate and execute shellcode by manipulating the SEH chain; this is a local, no-interaction vulnerability ...
CVE-2018-25265 LanSpy 2.0.1.159 Local Buffer Overflow
LanSpy 2.0.1.159 contains a local buffer overflow vulnerability in the scan section that allows local attackers to execute arbitrary code by exploiting structured exception handling mechanisms. Attackers can craft malicious payloads using egghunter techniques to locate and execute shellcode,...
CVE-2018-25265 LanSpy 2.0.1.159 Local Buffer Overflow
LanSpy 2.0.1.159 contains a local buffer overflow vulnerability in the scan section that allows local attackers to execute arbitrary code by exploiting structured exception handling mechanisms. Attackers can craft malicious payloads using egghunter techniques to locate and execute shellcode,...
CVE-2018-25261
Iperius Backup 5.8.1 contains a local buffer overflow vulnerability in the structured exception handling SEH mechanism that allows local attackers to execute arbitrary code by supplying a malicious file path. Attackers can create a backup job with a crafted payload in the external file location...
CVE-2018-25261 Iperius Backup 5.8.1 Local Buffer Overflow SEH
Iperius Backup 5.8.1 contains a local buffer overflow vulnerability in the structured exception handling SEH mechanism that allows local attackers to execute arbitrary code by supplying a malicious file path. Attackers can create a backup job with a crafted payload in the external file location...
CVE-2018-25261
CVE-2018-25261 concerns Iperius Backup 5.8.1, which contains a local buffer overflow in the structured exception handling (SEH) mechanism. A crafted file path in an external file location field during a backup job can trigger the overflow, enabling code execution with the application’s privileges...
CVE-2018-25261 Iperius Backup 5.8.1 Local Buffer Overflow SEH
Iperius Backup 5.8.1 contains a local buffer overflow vulnerability in the structured exception handling SEH mechanism that allows local attackers to execute arbitrary code by supplying a malicious file path. Attackers can create a backup job with a crafted payload in the external file location...