11 matches found
CVE-2026-1227
CVE-2026-1227 describes an XML External Entity (XXE) vulnerability (CWE-611) in which a local user uploading a specially crafted TGML graphics file to the EBO server from Workstation could trigger unauthorized disclosure of local files, unintended interaction within the EBO system, or denial of s...
CVE-2026-1227
CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could cause unauthorized disclosure of local files, interaction within the EBO system, or denial of service conditions when a local user uploads a specially crafted TGML graphics file to the EBO server from...
CVE-2022-22364
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 is vulnerable to external service interaction attack, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to induce the application to perform server-side DNS lookups or HTTP requests to arbitrar...
PT-2024-10584 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android (affected versions not specified). Description: The issue is related to a possible parcel read/write mismatch in the createFromParcel method of MediaCas.java due to improper input validation. This could lead to local escalation of...
CVE-2022-32616
In isp, there is a possible out of bounds write due to uninitialized data. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07341258; Issue ID: ALPS07341258...
Apache Any23 Code Issue Vulnerability
Apache Any23 is a library, Web service, and command-line tool from the Apache Foundation, USA. It can extract structured data in RDF format from a variety of Web documents. Any23 versions prior to 2.7 contain a code issue vulnerability that could be exploited by an attacker to interfere with an...
Design/Logic Flaw
Adobe Creative Cloud Desktop Application installer version 2.4 and earlier is affected by an Insecure temporary file creation vulnerability. An attacker could leverage this vulnerability to cause arbitrary file overwriting in the context of the current user. Exploitation of this issue requires...
UBUNTU-CVE-2019-10648
Robocode through 1.9.3.5 allows remote attackers to cause external service interaction DNS, as demonstrated by a query for a unique subdomain name within an attacker-controlled DNS zone, because of a .openStream call within java.net.URL...
Limon - Sandbox for Analyzing Linux Malwares
Limon is a sandbox developed as a research project written in Python, which automatically collects, analyzes, and reports on the runtime indicators of Linux malware. It allows one to inspect the Linux malware before execution, during execution, and after execution post-mortem analysis by...
Nokia Electronic Documentation 5.0 Connection Redirection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8625/info A vulnerability has been discovered in Nokia Electronic Documentation NED that may allow an attacker to redirect connections to a third party system. The problem likely occurs due to the NED server failing to...
Oracle Linux 5 : gnome-vfs2 (ELSA-2013-0131)
The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2013-0131 advisory. 2.16.2-10.el5 - Prevent trash applet crashing 848822 2.16.2-9.el5 - Prevent deleting items linking out of the trash 586015 - Do not stat every file on an...