Lucene search
+L

94 matches found

OSV
OSV
added 2023/02/13 5:24 p.m.13 views

GSD-2023-1001908 i2c: designware: use casting of u64 in clock multiplication to avoid overflow

i2c: designware: use casting of u64 in clock multiplication to avoid overflow This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.9 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2023/01/17 7:29 p.m.11 views

GSD-2023-1001539 dm thin: Use last transaction's pmd->root when commit failed

dm thin: Use last transaction's pmd-root when commit failed This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.337 by commit...

7.3AI score
Exploits0
OSV
OSV
added 2023/01/17 7:27 p.m.7 views

GSD-2023-1001530 drm/vmwgfx: Validate the box size for the snooped cursor

drm/vmwgfx: Validate the box size for the snooped cursor This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.337 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2023/01/17 6:24 p.m.9 views

GSD-2023-1000932 dm thin: Fix UAF in run_timer_softirq()

dm thin: Fix UAF in runtimersoftirq This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.87 by commit 34cd15d83b7206188d440b29b68084fcafde9395,...

7.2AI score
Exploits0
Packet Storm
Packet Storm
added 2023/01/16 12:0 a.m.263 views

Inlislite 3.2 Insecure Settings

==================================================================================================================================== | Title : Inlislite V3.2 Backdoor Account Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 103.064-bit | |...

7.4AI score
Exploits0
OSV
OSV
added 2022/11/14 7:7 p.m.20 views

GSD-2022-1007116 KVM: nVMX: Don't propagate vmcs12's PERF_GLOBAL_CTRL settings to vmcs02

KVM: nVMX: Don't propagate vmcs12's PERFGLOBALCTRL settings to vmcs02 This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.75 by commit...

7.2AI score
Exploits0
CNVD
CNVD
added 2022/06/09 12:0 a.m.42 views

TPCMS arbitrary file upload vulnerability

TPCMS, an open source content management system from the individual developers of Source of Happiness, is vulnerable to an arbitrary file upload vulnerability in version v3.2, which stems from a lack of validation of uploaded files by the application. An attacker could exploit this vulnerability ...

8.8CVSS4AI score0.01199EPSS
Exploits1References1
NVD
NVD
added 2022/06/02 2:15 p.m.28 views

CVE-2022-29624

An arbitrary file upload vulnerability in the Add File function of TPCMS v3.2 allows attackers to execute arbitrary code via a crafted PHP file...

8.8CVSS0.01199EPSS
Exploits1References2
Prion
Prion
added 2022/06/02 2:15 p.m.15 views

Design/Logic Flaw

An arbitrary file upload vulnerability in the Add File function of TPCMS v3.2 allows attackers to execute arbitrary code via a crafted PHP file...

6.5CVSS8.8AI score0.01199EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2022/05/31 9:0 p.m.57 views

CVE-2022-29624

TPCMS v3.2 contains an arbitrary file upload vulnerability in the Add File function that can allow an attacker to execute arbitrary PHP code via a crafted file. The issue stems from insufficient validation of uploaded files, enabling remote code execution. Affected product: TPCMS 3.2 (open‑source...

8.8CVSS8.8AI score0.01199EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/05/31 9:0 p.m.23 views

CVE-2022-29624

An arbitrary file upload vulnerability in the Add File function of TPCMS v3.2 allows attackers to execute arbitrary code via a crafted PHP file...

9AI score0.01199EPSS
Exploits1References2
NVD
NVD
added 2022/05/26 12:15 p.m.97 views

CVE-2021-42860

A stack buffer overflow exists in Mini-XML v3.2. When inputting an unformed XML string to the mxmlLoadString API, it will cause a stack-buffer-overflow in mxmlstringgetc:2611. NOTE: it is unclear whether this input is allowed by the API specification...

7.5CVSS0.0097EPSS
Exploits1References1
Prion
Prion
added 2022/05/26 12:15 p.m.13 views

Memory corruption

DISPUTED A memory leak issue was discovered in Mini-XML v3.2 that could cause a denial of service. NOTE: testing reports are inconsistent, with some testers seeing the issue in both the 3.2 release and in the October 2021 development code, but others not seeing the issue in the 3.2 release...

5CVSS7.3AI score0.0097EPSS
Exploits1References1Affected Software1
UbuntuCve
UbuntuCve
added 2022/05/26 12:15 p.m.70 views

CVE-2021-42860

A stack buffer overflow exists in Mini-XML v3.2. When inputting an unformed XML string to the mxmlLoadString API, it will cause a stack-buffer-overflow in mxmlstringgetc:2611. NOTE: it is unclear whether this input is allowed by the API specification...

7.5CVSS7.3AI score0.0097EPSS
Exploits1References2
Prion
Prion
added 2022/05/26 12:15 p.m.18 views

Stack overflow

DISPUTED A stack buffer overflow exists in Mini-XML v3.2. When inputting an unformed XML string to the mxmlLoadString API, it will cause a stack-buffer-overflow in mxmlstringgetc:2611. NOTE: it is unclear whether this input is allowed by the API specification...

5CVSS7.6AI score0.0097EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/05/26 11:23 a.m.36 views

CVE-2021-42860

A stack buffer overflow exists in Mini-XML v3.2. When inputting an unformed XML string to the mxmlLoadString API, it will cause a stack-buffer-overflow in mxmlstringgetc:2611. NOTE: it is unclear whether this input is allowed by the API specification...

7.9AI score0.0097EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2022/05/26 11:23 a.m.8 views

CVE-2021-42860

A stack buffer overflow exists in Mini-XML v3.2. When inputting an unformed XML string to the mxmlLoadString API, it will cause a stack-buffer-overflow in mxmlstringgetc:2611. NOTE: it is unclear whether this input is allowed by the API specification...

7.5AI score0.0097EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2022/05/26 11:23 a.m.96 views

CVE-2021-42860

Removed by vendor...

7.5CVSS7.6AI score0.0097EPSS
Exploits1
NVD
NVD
added 2022/04/04 9:15 p.m.24 views

CVE-2022-27442

TPCMS v3.2 allows attackers to access the ThinkPHP log directory and obtain sensitive information such as the administrator's user name and password...

7.5CVSS0.00977EPSS
Exploits1References1
NVD
NVD
added 2022/04/04 9:15 p.m.24 views

CVE-2022-27441

A stored cross-site scripting XSS vulnerability in TPCMS v3.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Phone text box...

4.8CVSS0.00435EPSS
Exploits1References1
Rows per page
Query Builder