363 matches found
Generex UPS CS141 代码问题漏洞
The Generex UPS CS141 is a microcomputer from the German company Generex. A security vulnerability exists in the Generex UPS CS141 prior to version 2.06, which stems from a vulnerability that allows an attacker to upload a firmware file containing a webshell...
TCG TPM 缓冲区错误漏洞
TCG TPM is a chip from the Trusted Computing Group that is planted inside a computer to provide a trusted root for the computer. A buffer error vulnerability exists in version 2.0 of the TCG TPM that stems from an out-of-bounds read issue. An attacker could use this vulnerability to read or acces...
CVE-2023-23899
Cross-Site Request Forgery CSRF vulnerability in HasThemes Extensions For CF7 plugin = 2.0.8 versions leads to arbitrary plugin activation...
Intel SGX SDK 安全漏洞
The Intel SGX SDK is a set of software development kits based on SGX Intel Software Security Extensions technology from Intel Corporation. A security vulnerability exists in Intel® SGX versions prior to 2.0 91ee496, which stems from the inclusion of improper access control in this Crypto API...
Intel CVAT 代码问题漏洞
CVAT is an interactive video and image annotation tool for computer vision. A security vulnerability exists in IntelR CVAT prior to version 2.0.1, which can be exploited by an attacker to disclose information via network access hidden enablement...
SUSE CVE-2017-9354
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the RGMP dissector could crash. This was addressed in epan/dissectors/packet-rgmp.c by validating an IPv4 address...
SUSE CVE-2020-11043
In FreeRDP less than or equal to 2.0.0, there is an out-of-bounds read in rfxprocessmessagetileset. Invalid data fed to RFX decoder results in garbage on screen as colors. This has been patched in 2.1.0...
SUSE CVE-2021-27906
A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions...
Online Food Ordering System SQL注入漏洞
Online Food Ordering System is an online food ordering system by Carlo Montero, an individual developer. A security vulnerability exists in Online Food Ordering System version v2.0, which originates from an SQL injection vulnerability...
CVE-2022-48161
Easy Images v2.0 was discovered to contain an arbitrary file download vulnerability via the component /application/down.php. This vulnerability is exploited via a crafted GET request...
EasyImages 安全漏洞
EasyImages is a thin wrapper on PIL by Jakub Cieslik individual developer. It is used for exploring, visualizing and sharing images. A security vulnerability exists in EasyImages version v2.0, which stems from the presence of an arbitrary file download vulnerability that can be exploited by an...
PYSEC-2023-282
Cross-Site Request Forgery CSRF in GitHub repository modoboa/modoboa prior to 2.0.4...
Froxlor 命令注入漏洞
Froxlor is a lightweight server management software from the Froxlor team. A command injection vulnerability exists in Froxlor versions prior to 2.0.8, which stems from the presence of command injection...
CVE-2022-40434
Softr v2.0 was discovered to be vulnerable to HTML injection via the Name field of the Account page...
IBM Sterling Partner Engagement Manager 授权问题漏洞
A security vulnerability in IBM Sterling Partner Engagement Manager version 2.0, an automated management tool from International Business Machines Corporation IBM, stems from a failure to invalidate sessions after logging out, which could allow an authenticated user to impersonate another user on...
CVE-2014-0144
QEMU before 2.0.0 block drivers for CLOOP, QCOW2 version 2 and various other image formats are vulnerable to potential memory corruptions, integer/buffer overflows or crash caused by missing input validations which could allow a remote user to execute arbitrary code on the host with the privilege...
GHSA-QMHJ-M29V-GVMR Bots using py-cord as Discord API wrapper are vulnerable to shutdowns through remote code execution
Impact py-cord is a an API wrapper for Discord written in Python. Bots using py-cord version 2.0.0 are vulnerable to remote shutdown if they are added to the server with the application.commands scope without the bot scope. Currently, it appears that all public bots that use slash commands are...
CVE-2022-33198
Unauthenticated WordPress Options Change vulnerability in Biplob Adhikari's Accordions plugin = 2.0.2 at WordPress...
PT-2022-15750 · Sourcecodester · Sourcecodester Clinics Patient Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Clinics Patient Management System version 2.0 Description: A critical issue was found in the system, affecting an unknown function of the file /pms/update user.php?user id=1. The manipulation of the profile picture argument wit...
Microsoft Windows Kernel 安全漏洞
Microsoft Windows Kernel is the kernel of the Windows operating system by Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows Kernel. The following products and versions are affected:Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based...