10 matches found
EUVD-2026-32196
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in hassantafreshi Easy Form Builder easy-form-builder allows Blind SQL Injection. This issue affects Easy Form Builder: from n/a through = 4.0.6...
acegisecurity:acegi-security-catalina (>=0.7.0 <=0.9.0), ch.qos.logback:logback-access (>=${parent.version} <=0.8) +40 more potentially affected by CVE-2026-43512 via tomcat:catalina (>=4.0.6 <=5.5.9)
tomcat:catalina MAVEN version =4.0.6, =0.7.0, =$parent.version, =0.6, =3.2.10-1-SP3seam2hibernate5, =1.5, =1.0, =1.0, =1.0.0, =4.7.1, =4.7.2 - org.apache.geronimo.assemblies:geronimo-tomcat-minimal =1.2-beta - org.apache.geronimo.configs:ca-helper-tomcat =1.2-beta -...
Apache CXF Resource Management Error Vulnerability
Apache CXF is an open source Web services framework from the US Apache Foundation. The framework supports a variety of Web services standards, a variety of front-end programming APIs and so on. A resource management error vulnerability exists in Apache CXF versions prior to 3.5.10, 3.6.5,...
CVE-2024-30503
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in EverPress Mailster allows Reflected XSS. This issue affects Mailster: from n/a through 4.0.6...
PT-2023-29374 · Inspireui · Inspireui Mstore Api
Name of the Vulnerable Software and Affected Versions: InspireUI MStore API versions 4.0.6 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...
UBUNTU-CVE-2023-4512
CBOR dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file...
PT-2023-17663 · WordPress · Essential Blocks
Name of the Vulnerable Software and Affected Versions: The Essential Blocks plugin for WordPress versions up to, and including, 4.0.6 Description: The issue allows unauthorized use of functionality due to a missing capability check on the get function. This enables subscriber-level attackers to...
0.edsql (>=1.0.49 <=1.0.50), 10secondsofcode-custom (=1.0.0) +1527 more potentially affected by CVE-2022-41940 via engine.io (>=4.0.6 <=6.1.3)
engine.io NPM version =4.0.6, =1.0.49, =1.0.0, =0.0.28, =1.0.1, =0.8.2, =1.0.0, =0.1.13, =0.0.4, =1.2.1, =1.0.1, =1.0.2 - @aaronconway7/create-gatsby-app =1.0.0 - @accio-cms/gatsby-starter-accio =0.0.1 - @achilleskal/awesome-blog =1.0.0 and more Source cves: CVE-2022-41940 Source advisory:...
@ahora/socket.io (=3.0.3), @azteam/express (>=1.2.33 <=1.2.142) +22 more potentially affected by CVE-2022-21676 via engine.io (>=4.0.6 <=4.1.1)
engine.io NPM version =4.0.6, =1.2.33, =1.12.0, =3.0.0, =2.0.0-beta.6, =2.3.0-beta.20, =1.1.3, =2.2.26-3, =2.0.0, =0.9.301, =1.0.0, =0.4.0, =0.4.3 and more Source cves: CVE-2022-21676 Source advisory: OSV:GHSA-273R-MGR4-V34F...
PT-2017-2616 · Libtiff +3 · Libtiff +3
Name of the Vulnerable Software and Affected Versions: LibTIFF versions 4.0.6 through 4.0.7 Description: The issue arises from the program's failure to verify that biWidth and biHeight in the bitmap-information header of BMP images match the actual input. This leads to a heap-based buffer...