8 matches found
EUVD-2026-38590
jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.21.0 until 2.21.4 and 3.1.4, POJOPropertiesCollector.renameProperties allows a property with @JsonProperty"renamed" on the getter and @JsonIgnore on the setter to be renamed...
CVE-2018-25312
CVE-2018-25312 affects LifeSize ClearSea 3.1.4. The vulnerability is a directory traversal in the smartgui interface that, when combined with uploading and manipulating path parameters, allows an authenticated attacker with network access to write files to arbitrary locations and potentially achi...
Uncaught Exception
Overview robrichards/xmlseclibs is a PHP library for XML Security. Affected versions of this package are vulnerable to Uncaught Exception in the form of improper handling of canonicalization failures. An attacker can bypass signature or digest validation by submitting specially crafted invalid XM...
CVE-2025-49908
CVE-2025-49908 affects WPClever WPC Countdown Timer for WooCommerce (plugin: wpc-countdown-timer). Versions up to and including 3.1.4 suffer from improper input neutralization during web page generation, enabling Stored Cross-Site Scripting (XSS). Impact per the sources is stored XSS impacting us...
CVE-2025-39504 WordPress Goodlayers Hotel plugin <= 3.1.4 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in GoodLayers Goodlayers Hotel gdlr-hotel allows Blind SQL Injection.This issue affects Goodlayers Hotel: from n/a through = 3.1.4...
PT-2023-20452
Name of the Vulnerable Software and Affected Versions Saleor versions prior to 3.1.48 Saleor versions prior to 3.7.59 Saleor versions prior to 3.8.0 Saleor versions prior to 3.9.27 Saleor versions prior to 3.10.14 Saleor versions prior to 3.11.12 Description Some internal Python exceptions are no...
ELOG Electronic Logbook Code Issue Vulnerability
ELOG is a web application written in C for creating personal and general purpose logs. A code issue vulnerability exists in the handling of HTTP parameters in ELOG Electronic Logbook version 3.1.4-283534d, which can be exploited by remote attackers to cause a denial of service via a specially...
CVE-2016-7555
The avireadheader function in libavformat/avidec.c in FFmpeg before 3.1.4 is vulnerable to memory leak when decoding an AVI file that has a crafted "strh" structure...