8 matches found
CVE-2026-28527
BlueKitchen BTstack versions prior to 1.8.1 contain an out-of-bounds read vulnerability in the AVRCP Controller GETPLAYERAPPLICATIONSETTINGATTRIBUTETEXT and GETPLAYERAPPLICATIONSETTINGVALUETEXT handlers that allows nearby attackers to read beyond packet boundaries. Attackers can establish a paire...
CVE-2025-59397
Open Web Analytics OWA before 1.8.1 allows owadb.php vvalue SQL injection...
CVE-2025-59397
Open Web Analytics OWA before 1.8.1 allows owadb.php vvalue SQL injection...
CVE-2021-24143
Unvalidated input in the AccessPress Social Icons plugin, versions before 1.8.1, did not sanitise its widget attribute, allowing accounts with post permission, such as author, to perform SQL injections...
Wordpress AccessPress Social Icon SQL注入漏洞
Wordpress AccessPress Social Icon is an open source application plugin for Wordpress. The plugin is used to add design media icons to a website. A SQL injection vulnerability exists in versions of the Wordpress AccessPress Social Icons plugin prior to 1.8.1. The vulnerability stems from the progr...
DEBIAN-CVE-2019-3861
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory...
DEBIAN-CVE-2016-0747
The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME resolution, which allows remote attackers to cause a denial of service worker process resource consumption via vectors related to arbitrary name resolution...
DEBIAN-CVE-2010-0628
The spnegogssacceptseccontext function in lib/gssapi/spnego/spnegomech.c in the SPNEGO GSS-API functionality in MIT Kerberos 5 aka krb5 1.7 before 1.7.2 and 1.8 before 1.8.1 allows remote attackers to cause a denial of service assertion failure and daemon crash via an invalid packet that triggers...