1657 matches found
CVE-2026-27168
SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. All versions are vulnerable to Heap-based Buffer Overflow through the XWD parser's use of the bytesperline value. The value os read directly from the file as the read size in...
Konica Minolta bizhub Multifunction Printer: Pass-Back Attack Vulnerability (NOT FIXED)
Overview During security testing, Rapid7 discovered that Konica Minolta bizhub 227 Multifunction printers MFPs were vulnerable to a pass-back attack. The affected products identified were: Konica Minolta bizhub MFPs Firmware Version: GCQ-Y3 and earlier This issue has been assigned the following...
XXL-RPC Deserialization of Untrusted Data vulnerability
XXL-RPC is a high performance, distributed RPC framework. With it, a TCP server can be set up using the Netty framework and the Hessian serialization mechanism. When such a configuration is used, attackers may be able to connect to the server and provide malicious serialized objects that, once...
PT-2024-22622 · Unknown · Io-1020 Micro Eld
Name of the Vulnerable Software and Affected Versions: IO-1020 Micro ELD affected versions not specified Description: The issue concerns the execution of code without sufficient verification of its origin or integrity. This could potentially lead to the execution of malicious code, posing a...
CVE-2017-9158
libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service invalid write and SEGV, related to the pnmloadraw function in input-pnm.c:336:11...
CVE-2016-9138
PHP through 5.6.27 and 7.x through 7.0.12 mishandles property modification during wakeup processing, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data, as demonstrated by Exception::toString with DateInterval::wakeup...
QNAP QTS 4.2.1 Build 20160601 Command Injection
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2016-055 Product: QNAP QTS Manufacturer: QNAP Affected Versions: 4.2.1 Build 20160601 Tested Versions: 4.2.1 Build 20160601 - 4.2.2 Build 20160812 Vulnerability Type: OS Command Injection CWE-78 Risk Level: High Solution Status:...
Unfixed XSS vulnerability at www.achatcommerce.com
Security researcher Atmon3r, has submitted on 12/01/2012 a cross-site-scripting XSS vulnerability affecting www.achatcommerce.com, which at the time of submission ranked 976602 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/01/2012. It is...
Unfixed XSS vulnerability at annuaire.pro
Security researcher Atmon3r, has submitted on 12/01/2012 a cross-site-scripting XSS vulnerability affecting annuaire.pro, which at the time of submission ranked 41917 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/01/2012. It is currently...
Unfixed XSS vulnerability at www.food.com
Security researcher Rugburn, has submitted on 12/01/2012 a cross-site-scripting XSS vulnerability affecting www.food.com, which at the time of submission ranked 1590 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 12/01/2012. It is currently...
Unfixed XSS vulnerability at mediathek.daserste.de
Security researcher watt, has submitted on 10/04/2012 a cross-site-scripting XSS vulnerability affecting mediathek.daserste.de, which at the time of submission ranked 4502 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 10/04/2012. It is...
Unfixed XSS vulnerability at www.oilfielddepot.net
Security researcher xssh0bby, has submitted on 09/02/2012 a cross-site-scripting XSS vulnerability affecting www.oilfielddepot.net, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 16/02/2012. It is...
Unfixed XSS vulnerability at www.lagrosseradio.com
Security researcher Atmon3r, has submitted on 08/01/2012 a cross-site-scripting XSS vulnerability affecting www.lagrosseradio.com, which at the time of submission ranked 339063 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 09/01/2012. It is...
Unfixed XSS vulnerability at www.macommune.fr
Security researcher Atmon3r, has submitted on 08/01/2012 a cross-site-scripting XSS vulnerability affecting www.macommune.fr, which at the time of submission ranked 12345344 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 09/01/2012. It is...
Unfixed XSS vulnerability at researchguides.case.edu
Security researcher Sony, has submitted on 06/02/2012 a cross-site-scripting XSS vulnerability affecting researchguides.case.edu, which at the time of submission ranked 13687 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 16/02/2012. It is...
Unfixed XSS vulnerability at libguides.bc.edu
Security researcher Sony, has submitted on 06/02/2012 a cross-site-scripting XSS vulnerability affecting libguides.bc.edu, which at the time of submission ranked 25555 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 16/02/2012. It is currently...
Unfixed XSS vulnerability at legalresearch.usfca.edu
Security researcher Sony, has submitted on 06/02/2012 a cross-site-scripting XSS vulnerability affecting legalresearch.usfca.edu, which at the time of submission ranked 50470 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 16/02/2012. It is...
Unfixed XSS vulnerability at www.cygrids.com
Security researcher wutsec, has submitted on 04/02/2012 a cross-site-scripting XSS vulnerability affecting www.cygrids.com, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 06/02/2012. It is currently...
Unfixed XSS vulnerability at www.askbluey.com
Security researcher rvk, has submitted on 03/01/2012 a cross-site-scripting XSS vulnerability affecting www.askbluey.com, which at the time of submission ranked 1740711 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 09/01/2012. It is currently...
Unfixed XSS vulnerability at www.maquis-art.com
Security researcher Atmon3r, has submitted on 29/02/2012 a cross-site-scripting XSS vulnerability affecting www.maquis-art.com, which at the time of submission ranked 651956 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 12/03/2015. It is...