Lucene search
+L

15 matches found

redhatcve
redhatcve
added 2026/01/07 9:48 a.m.8 views

CVE-2022-27496

Cross-site scripting vulnerability in Zero-channel BBS Plus v0.7.4 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS6.5AI score0.00719EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-31997

Malicious code in bioql PyPI...

6.1CVSS6.2AI score0.00719EPSS
Exploits0References2
susecve
susecve
added 2023/02/15 4:35 a.m.5 views

SUSE CVE-2017-18207

The Waveread.readfmtchunk function in Lib/wave.py in Python through 3.6.4 does not ensure a nonzero channel value, which allows attackers to cause a denial of service divide-by-zero and exception via a crafted wav format audio file. NOTE: the vendor disputes this issue because Python applications...

3.3CVSS8.4AI score0.01348EPSS
Exploits0References30
cnnvd
cnnvd
added 2022/06/17 12:0 a.m.4 views

@discordjs/opus 安全漏洞

@discordjs/opus is an open source native binding of discord.js to libopus v1.3. A security vulnerability exists in @discordjs/opus that stems from the vulnerability of this package to denial-of-service DoS attacks when attempting to encode with an encoder that has a zero-channel or an uninitializ...

7.5CVSS7.2AI score0.01274EPSS
Exploits1References3
nvd
nvd
added 2022/03/31 8:15 a.m.19 views

CVE-2022-27496

Cross-site scripting vulnerability in Zero-channel BBS Plus v0.7.4 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS0.00719EPSS
Exploits0References2
osv
osv
added 2022/03/31 8:15 a.m.4 views

CVE-2022-27496

Cross-site scripting vulnerability in Zero-channel BBS Plus v0.7.4 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS6.5AI score0.00719EPSS
Exploits0References2
attackerkb
attackerkb
added 2022/03/31 8:15 a.m.5 views

CVE-2022-27496

Cross-site scripting vulnerability in Zero-channel BBS Plus v0.7.4 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS6AI score0.00719EPSS
Exploits0References3Affected Software1
prion
prion
added 2022/03/31 8:15 a.m.28 views

Cross site scripting

Cross-site scripting vulnerability in Zero-channel BBS Plus v0.7.4 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors...

4.3CVSS5.9AI score0.00719EPSS
Exploits0References2Affected Software1
cve
cve
added 2022/03/31 7:21 a.m.97 views

CVE-2022-27496

CVE-2022-27496 : Cross-site scripting in Zero-channel BBS Plus before or equal to v0.7.4 allows a remote attacker to inject arbitrary scripts via unspecified vectors. The available connected documents confirm the vulnerability and its impact (XSS) but do not provide any concrete fix/version detai...

6.1CVSS5.9AI score0.00719EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2022/03/31 7:21 a.m.28 views

CVE-2022-27496

Cross-site scripting vulnerability in Zero-channel BBS Plus v0.7.4 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.2AI score0.00719EPSS
Exploits0References2
jvn
jvn
added 2022/03/30 6:36 a.m.1 views

Zero-channel BBS Plus vulnerable to cross-site scripting

Overview Zero-channel BBS Plus by Zero-Channel BBS Plus Developers is a bulletin board CGI script. Zero-channel BBS Plus contains a cross-site scripting vulnerability CWE-79. Zero-Channel BBS Plus Developers reported this vulnerability to JPCERT/CC to notify users of its solution through JVN...

6.1CVSS6AI score0.00719EPSS
Exploits0References5
jvn
jvn
added 2022/03/30 12:0 a.m.51 views

JVN#59576930: Zero-channel BBS Plus vulnerable to cross-site scripting

Zero-channel BBS Plus by Zero-Channel BBS Plus Developers is a bulletin board CGI script. Zero-channel BBS Plus contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of the user who is accessing the management screen of the product,...

6.1CVSS6AI score0.00719EPSS
Exploits0
mscve
mscve
added 2021/12/16 12:0 a.m.7 views

oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero.

...

5CVSS7AI score0.03579EPSS
Exploits1
osv
osv
added 2018/02/15 10:29 a.m.3 views

UBUNTU-CVE-2017-18189

In the startread function in xa.c in Sound eXchange SoX through 14.4.2, a corrupt header specifying zero channels triggers an infinite loop with a resultant NULL pointer dereference, which may allow a remote attacker to cause a denial-of-service...

7.5CVSS6.7AI score0.05151EPSS
Exploits1References4
cnvd
cnvd
added 2016/07/28 12:0 a.m.2 views

speex speexenc parsing channel field denial of service vulnerability

Speex is an open source, free, patent-free audio compression format primarily for speech. The encoder program speexenc in speex-1.2rc2 and previous versions crashes when parsing wav files with zero values in the channel field resulting in a division by zero...

6.9AI score
Exploits0
Rows per page
Query Builder