213680 matches found
Input validation
The improper neutralization of special elements in the WSGI server of the Zyxel NAS326 firmware version V5.21AAZF.14C0 and NAS542 firmware version V5.21ABAG.11C0 could allow an unauthenticated attacker to execute some operating system OS commands by sending a crafted URL to a vulnerable device...
Command injection
A command injection vulnerability in the “showzysyncservercontents” function of the Zyxel NAS326 firmware version V5.21AAZF.14C0 and NAS542 firmware version V5.21ABAG.11C0 could allow an unauthenticated attacker to execute some operating system OS commands by sending a crafted HTTP POST request...
Input validation
The improper neutralization of special elements in the CGI program of the Zyxel NAS326 firmware version V5.21AAZF.14C0 and NAS542 firmware version V5.21ABAG.11C0 could allow an authenticated attacker to execute some operating system OS commands by sending a crafted URL to a vulnerable device...
Command injection
An OS Command injection vulnerability in NEC Platforms DT900 and DT900S Series all versions allows an attacker to execute any command on the device...
Design/Logic Flaw
Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Sierra Wireless, Inc ALEOS could potentially allow a remote attacker to trigger a Denial of Service DoS condition for ACEManager without impairing other router functions. This condition is cleared by restarting the device...
Remote code execution
Remote code execution...
Remote code execution
Remote code execution...
Remote code execution
Remote code execution...
Privilege escalation
Elevation of privilege...
Information disclosure
Information disclosure...
Privilege escalation
Elevation of privilege...
Design/Logic Flaw
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Improper validation makes it possible for an attacker to modify the HTTP request e.g. insert a new header or even create a new HTTP request if the attacker controls the HTTP method. The vulnerability occurs only if th...
Stack overflow
A stack overflow in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
Design/Logic Flaw
An issue in the chacmp function of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS after running a SELECT statement...
Design/Logic Flaw
An issue in the boxadd function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS after running a SELECT statement...
Design/Logic Flaw
An issue in the boxdiv function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS after running a SELECT statement...
Design/Logic Flaw
An issue in the boxdeserializereusing function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS after running a SELECT statement...
Design/Logic Flaw
An issue in the boxmpy function of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS after running a SELECT statement...
Authorization
Cosmos provides users the ability self-host a home server by acting as a secure gateway to your application, as well as a server manager. Cosmos-server is vulnerable due to to the authorization header used for user login remaining valid and not expiring after log out. This vulnerability allows an...
Cross site scripting
October is a Content Management System CMS and web platform to assist with development workflow. A user with access to the media manager that stores SVG files could create a stored XSS attack against themselves and any other user with access to the media manager when SVG files are supported. This...
Information disclosure
An issue in the boxcollen function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS after running a SELECT statement...
Authorization
An issue in the boxequal function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS after running a SELECT statement...
Design/Logic Flaw
Misskey is an open source, decentralized social media platform. Misskey's missing signature validation allows arbitrary users to impersonate any remote user. This issue has been patched in version 2023.11.1-beta.1...
Null pointer dereference
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Calling loadpempkcs7certificates or loadderpkcs7certificates could lead to a NULL-pointer dereference and segfault. Exploitation of this vulnerability poses a serious risk of Denial of Service...
Privilege escalation
In Progress MOVEit Transfer versions released before 2022.0.9 14.0.9, 2022.1.10 14.1.10, 2023.0.7 15.0.7, a privilege escalation path associated with group administrators has been identified. It is possible for a group administrator to elevate a group members permissions to the role of an...
Cross site scripting
In Progress MOVEit Transfer versions released before 2022.0.9 14.0.9, 2022.1.10 14.1.10, 2023.0.7 15.0.7, a reflected cross-site scripting XSS vulnerability has been identified when MOVEit Gateway is used in conjunction with MOVEit Transfer. An attacker could craft a malicious payload targeting...
Cross site scripting
A stored cross-site scripting XSS vulnerability in EyouCMS v1.6.4-UTF8-SP1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Field Title field at /login.php?m=admin&c=Field&a=arctypeadd&ajax=1&lang=cn...
Cross site scripting
A stored cross-site scripting XSS vulnerability in EyouCMS v1.6.4-UTF8-SP1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Menu Name field at /login.php?m=admin&c=Index&a=changeTableVal&ajax=1&lang=cn...
Cross site scripting
A stored cross-site scripting XSS vulnerability in EyouCMS v1.6.4-UTF8-SP1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Document Properties field at /login.php m=admin&c=Index&a=changeTableVal&ajax=1&lang=cn...
Authentication flaw
CarrierWave is a solution for file uploads for Rails, Sinatra and other Ruby web frameworks. CarrierWave has a Content-Type allowlist bypass vulnerability, possibly leading to XSS. The validation in allowlistedcontenttype? determines Content-Type permissions by performing a partial match. If the...
Design/Logic Flaw
Jenkins Jira Plugin 3.11 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Item/Configure permission to access and capture credentials they are not entitled to...
Cross site request forgery (csrf)
A cross-site request forgery CSRF vulnerability in Jenkins NeuVector Vulnerability Scanner Plugin 1.22 and earlier allows attackers to connect to an attacker-specified hostname and port using attacker-specified username and password...
Design/Logic Flaw
Incorrect permission checks in Jenkins Google Compute Engine Plugin 4.550.vb327fca3db11 and earlier allow attackers with global Item/Configure permission while lacking Item/Configure permission on any particular job to enumerate system-scoped credentials IDs of credentials stored in Jenkins and t...
Default credentials
A missing permission check in Jenkins NeuVector Vulnerability Scanner Plugin 1.22 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified hostname and port using attacker-specified username and password...
Cross site request forgery (csrf)
A cross-site request forgery CSRF vulnerability in Jenkins MATLAB Plugin 2.11.0 and earlier allows attackers to have Jenkins parse an XML file from the Jenkins controller file system...
Information disclosure
Missing permission checks in Jenkins MATLAB Plugin 2.11.0 and earlier allow attackers to have Jenkins parse an XML file from the Jenkins controller file system...
Xxe
Jenkins MATLAB Plugin 2.11.0 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
Information disclosure
The language file parsing process could be manipulated to expose environment variables. Environment variables might contain sensible information...
Design/Logic Flaw
Use after free in WebAudio in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
Type confusion
Type Confusion in Spellcheck in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
Integer overflow
Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. Chromium security severity: High...
Design/Logic Flaw
Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted avif file. Chromium security severity: High...
Design/Logic Flaw
Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted avif file. Chromium security severity: High...
Design/Logic Flaw
A serialization vulnerability in logback receiver component part of logback version 1.4.11 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data...
Design/Logic Flaw
Use after free in Mojo in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
Server side request forgery (ssrf)
A server-side request forgery vulnerability in ESM prior to version 11.6.8 allows a low privileged authenticated user to upload arbitrary content, potentially altering configuration. This is possible through the certificate validation functionality where the API accepts uploaded content and doesn...
Stack overflow
Tenda AC10 version USAC10V4.0siV16.03.10.13cn was discovered to contain a stack overflow via the list parameter in the function sub49E098...
Stack overflow
Tenda AC10 version USAC10V4.0siV16.03.10.13cn was discovered to contain a stack overflow via the src parameter in the function sub47D878...
Stack overflow
Tenda AC10 version USAC10V4.0siV16.03.10.13cn was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGuestBasic...
Stack overflow
Tenda AC10 version USAC10V4.0siV16.03.10.13cn was discovered to contain a stack overflow via the urls parameter in the function getparentControllistInfo...