CVE-2026-29046 TinyWeb: HTTP Header Control Character Injection into CGI Environment

TinyWeb is a web server HTTP, HTTPS written in Delphi for Win32. Prior to version 2.04, TinyWeb accepts request header values and later maps them into CGI environment variables HTTP. The parser did not strictly reject dangerous control characters in header lines and header values, including CR, L...

CVE-2023-54328

AimOne Video Converter 2.04 Build 103 is affected by a buffer overflow in the registration form that can crash the application and enable denial of service via a ~7000-byte payload. Affected component: registration form handling; impact described as crash/DoS with potential abuse of the registrat...

AimOne Video Converter 安全漏洞

AimOne Video Converter is a video format conversion tool from AimOne. A security vulnerability exists in AimOne Video Converter version 2.04 Build 103, which originates from a buffer overflow in the registry form that could lead to an application crash and denial of service attack...

EUVD-2020-7691

Malware in sbrugna...

EUVD-2025-25013

Malicious code in bioql PyPI...

CVE-2025-9026

CVE-2025-9026 affects D-Link DIR-860L (firmware 2.04.B04). The vulnerability is in the Simple Service Discovery Protocol component, specifically the ssdpcgi_main function in htdocs/cgibin, enabling remote OS command injection. Publicly disclosed exploit indicates active risk, with impact on confi...

PT-2023-9954 · Bestwebsoft · Bestwebsoft Portfolio Plugin

Name of the Vulnerable Software and Affected Versions: BestWebSoft Portfolio Plugin versions up to 2.04 Description: A vulnerability was found in the BestWebSoft Portfolio Plugin, which has been classified as problematic. This issue affects an unknown part of the plugin and leads to cross-site...

CVE-2022-29358

epub2txt2 v2.04 was discovered to contain an integer overflow via the function bug in parsespecialtag at sxmlc.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted XML file...

GNU Gama Denial of Service Vulnerability

GNU Gama is a software package of the GNU community. It is used for traditional geodesy still used and needed in special surveys where the Global Positioning System GPS cannot be used e.g. underground or high-precision engineering surveys. A denial of service vulnerability exists in Gama version...

grub2: Integer overflow in initrd size handling

Integer overflows were discovered in the functions grubcmdinitrd and grubinitrdinit in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu the functionality is not included in GRUB2 upstream, leading to a heap-based buffer overflow. These could be triggered by an extremely...

grub2: Fail kernel validation without shim protocol

GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim...

Code injection

GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim...

Bits Video Script 2.04/2.05 - '/addvideo.php' Arbitrary File Upload / Arbitrary PHP Code Execution

source: https://www.securityfocus.com/bid/40712/info Bits Video Script is prone to multiple arbitrary-file-upload vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to upload arbitrary code and run it in the context of the...

PHPBB 2.04,2.09 多个HTTP响应头截断漏洞

No description provided by source...

SilverNews 2.04 (Auth Bypass/LFI/RCE) Multiple Vulnerabilities

Exploit for unknown platform in category web applications ============================================================== SilverNews 2.04 Auth Bypass/LFI/RCE Multiple Vulnerabilities ============================================================== 0x01 Informations: Name : SilverNews 2.04 Download :...

Ocean12 Calendar Manager Gold - Database Disclosure

--------------------------------------------------------- Portal Name: Ocean12 Calendar Manager Gold Version: 2.04 Vendor : http://ocean12tech.com/products/o12calgold Dork: Maintained with the Ocean12 Calendar Manager Gold v2.04 Author : PouyaServer , [email protected] Vulnerability : Databa...

Ocean12 Calendar Manager Gold Database Disclosure Vulnerability

No description provided by source. --------------------------------------------------------- Portal Name: Ocean12 Calendar Manager Gold Version: 2.04 Vendor : http://ocean12tech.com/products/o12calgold Dork: Maintained with the Ocean12 Calendar Manager Gold v2.04 Author : PouyaServer ,...

Ocean12 Calendar Manager Gold - Database Disclosure

Ocean12 Calendar Manager Gold - Database Disclosure --------------------------------------------------------- Portal Name: Ocean12 Calendar Manager Gold Version: 2.04 Vendor : http://ocean12tech.com/products/o12calgold Dork: Maintained with the Ocean12 Calendar Manager Gold v2.04 Author :...

Ocean12 Calendar Manager Gold Database Disclosure Vulnerability

Exploit for unknown platform in category web applications =============================================================== Ocean12 Calendar Manager Gold Database Disclosure Vulnerability ===============================================================...

Arcadem LE 2.04 (loadadminpage) Remote File Inclusion Vulnerability

No description provided by source. Arcadem LE = 2.04 Remote File Include Vulnerability Author : KnocKout Greetz to : CoRSaNTuRK , BORDO , CWneSTer , By-Ajan , User , 44ahmetov , CoBRa21 , Khirash , CWSearcher , idam Cyber-Warrior / CW Exploiter TIM -------------------------------------- Script :...