CVE-2026-1002

The Vert.x Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URI. The issue comes from an improper implementation of the C. rule of section 5.2.4 of RFC3986 and is fixed in Vert.x Core component used b...

Mozilla Firefox < 2.0.0.15

The version of Firefox installed on the remote Windows host is prior to 2.0.0.15. It is, therefore, affected by a vulnerability as referenced in the mfsa2008-24 advisory. - Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to...

EUVD-2018-20338

Malware in sbrugna...

SUSE CVE-2024-39904

VNote is a note-taking platform. Prior to 3.18.1, a code execution vulnerability existed in VNote, which allowed an attacker to execute arbitrary programs on the victim's system. A crafted URI can be used in a note to perform this attack using file:/// as a link. For example,...

CVE-2020-6497

Insufficient policy enforcement in Omnibox in Google Chrome on iOS prior to 83.0.4103.88 allowed a remote attacker to perform domain spoofing via a crafted URI...

Sql injection

S-CMS V3.0 has SQL injection via the Sid parameter, as demonstrated by the /1/?type=productinfo&Sid=140 URI...

UBUNTU-CVE-2016-10712

In PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3, all of the return values of streamgetmetadata can be controlled if the input can be controlled e.g., during file uploads. For example, a "$uri = streamgetmetadatafopen$file, "r"'uri'" call mishandles the case where $file is...

CVE-2008-0599

The initrequestinfo function in sapi/cgi/cgimain.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATHTRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI. Recent assessments: sulinhyo at March 28, 2022 7:35a...

Icecast Server < 1.3.10 Crafted URI Remote DoS

Binary data 2142.prm...