213680 matches found
Design/Logic Flaw
openNDS 10.2.0 is vulnerable to Use-After-Free via /openNDS/src/auth.c...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...
Unrestricted file upload
Unrestricted Upload of File with Dangerous Type vulnerability in Skymoonlabs MoveTo.This issue affects MoveTo: from n/a through 6.2...
Unrestricted file upload
Unrestricted Upload of File with Dangerous Type vulnerability in JoomUnited WP Media folder.This issue affects WP Media folder: from n/a through 5.7.2...
Design/Logic Flaw
Unrestricted Upload of File with Dangerous Type vulnerability in SYSBASICS WooCommerce Easy Checkout Field Editor, Fees & Discounts.This issue affects WooCommerce Easy Checkout Field Editor, Fees & Discounts: from n/a through 3.5.12...
Cross site scripting
A DOM based cross-site scripting XSS vulnerability in the component /beep/Beep.Instrument.js of stewdio beep.js before commit ef22ad7 allows attackers to execute arbitrary Javascript via sending a crafted URL...
Cross site scripting
A DOM based cross-site scripting XSS vulnerability in the component /dom/ranges/Range-test-iframe.html of web-platform-tests/wpt before commit 938e843 allows attackers to execute arbitrary Javascript via sending a crafted URL...
Cross site scripting
A DOM based cross-site scripting XSS vulnerability in the component index.html of jstrieb/urlpages before commit 035b647 allows attackers to execute arbitrary Javascript via sending a crafted URL...
Cross site scripting
A DOM based cross-site scripting XSS vulnerability in the component generator.html of tabatkins/railroad-diagrams before commit ea9a123 allows attackers to execute arbitrary Javascript via sending a crafted URL...
Design/Logic Flaw
A DLL hijacking vulnerability was identified in the Qognify VMS Client Viewer version 7.1 or higher, which allows local users to execute arbitrary code and obtain higher privileges via careful placement of a malicious DLL, if some specific pre-conditions are met...
Command injection
In Indo-Sol PROFINET-INspektor NT through 2.4.0, a command injection vulnerability in the gedtupdater service of the firmware allows remote attackers to execute arbitrary system commands with root privileges via a crafted filename parameter in POST requests to the /api/updater/ctrl/startupdate...
Path traversal
In Indo-Sol PROFINET-INspektor NT through 2.4.0, a path traversal vulnerability in the httpuploadd service of the firmware allows remote attackers to write to arbitrary files via a crafted filename parameter in requests to the /upload endpoint...
Heap overflow
A heap-based buffer overflow vulnerability exists in the GGUF library gguffreadstr functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...
Spoofing
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: check the allocworkqueue return value in radeoncrtcinit check the allocworkqueue return value in radeoncrtcinit to avoid null-ptr-deref...
Sql injection
A vulnerability was found in SourceCodester Employee Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /psubmit.php. The manipulation of the argument pid with the input '+or+1%3d1%23 leads to sql injection. It is possible to launch the attack...
Null pointer dereference
In the Linux kernel, the following vulnerability has been resolved: mfd: syscon: Fix null pointer dereference in ofsysconregister kasprintf returns a pointer to dynamically allocated memory which can be NULL upon failure...
Design/Logic Flaw
In the Linux kernel, the following vulnerability has been resolved: drivers/amd/pm: fix a use-after-free in kvparsepowertable When ps allocated by kzalloc equals to NULL, kvparsepowertable frees adev-pm.dpm.ps that allocated before. However, after the control flow goes through the following call...
Cross site scripting
The Archivist – Custom Archive Templates plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘shortcodeattributes' parameter in all versions up to, and including, 1.7.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
Null pointer dereference
Versions of the package fastecdsa before 2.3.2 are vulnerable to Use of Uninitialized Variable on the stack, via the curvemathmul function in src/curveMath.c, due to being used and interpreted as user-defined type. Depending on the variable's actual value it could be arbitrary free, arbitrary...
Design/Logic Flaw
Versions of the package sanitize-html before 2.12.1 are vulnerable to Information Exposure when used on the backend and with the style attribute allowed, allowing enumeration of files in the system including project dependencies. An attacker could exploit this vulnerability to gather details abou...
Improper access control
Improper access control vulnerability has been identified in the SMA100 SSL-VPN virtual office portal, which in specific conditions could potentially enable a remote authenticated attacker to associate another user's MFA mobile application...
Spoofing
Microsoft Edge Chromium-based Spoofing Vulnerability...
Information disclosure
Microsoft Edge Chromium-based Information Disclosure Vulnerability...
Design/Logic Flaw
An issue in zkteco zkbio WDMS v.8.0.5 allows an attacker to execute arbitrary code via the /files/backup/ component...
Hardcoded credentials
Insecure AES key in Yealink Configuration Encrypt Tool below verrsion 1.2. A single, vendorwide, hardcoded AES key in the configuration tool used to encrypt provisioning documents was leaked leading to a compromise of confidentiality of provisioning documents...
Sql injection
SQL Injection vulnerability in CRMEB crmebjava v.1.3.4 and before allows a remote attacker to obtain sensitive information via the latitude and longitude parameters in the api/front/store/list component...
Sql injection
In the module "Generate barcode on invoice / delivery slip" ecgeneratebarcode from Ether Creation = 1.2.0 for PrestaShop, a guest can perform SQL injection...
Design/Logic Flaw
Insufficient sanitization in MLflow leads to XSS when running a recipe that uses an untrusted dataset. This issue leads to a client-side RCE when running the recipe in Jupyter Notebook. The vulnerability stems from lack of sanitization over dataset table fields...
Design/Logic Flaw
Insufficient sanitization in MLflow leads to XSS when running an untrusted recipe. This issue leads to a client-side RCE when running an untrusted recipe in Jupyter Notebook. The vulnerability stems from lack of sanitization over template variables...
Information disclosure
Microsoft Edge Chromium-based Information Disclosure Vulnerability...
Design/Logic Flaw
In the module "Survey TMA" ecomizsurveytma up to version 2.0.0 from Ecomiz for PrestaShop, a guest can download personal information without restriction...
Design/Logic Flaw
Hitron CODA-4582 and CODA-4589 devices have default PSKs that are generated from 5-digit hex values concatenated with a "Hitron" substring, resulting in insufficient entropy only about one million possibilities...
Open redirect
Rejected reason: This is unused...
Open redirect
Rejected reason: This is unused...
Open redirect
Rejected reason: This is unused...
Open redirect
Rejected reason: This is unused...
Open redirect
Rejected reason: This is unused...
Open redirect
Rejected reason: This is unused...
Open redirect
Rejected reason: This is unused...
Open redirect
Rejected reason: This is unused...
Open redirect
Rejected reason: This is unused...
Open redirect
Rejected reason: This is unused...
Open redirect
Rejected reason: This is unused...
Open redirect
Rejected reason: This is unused...
Open redirect
Rejected reason: This is unused...
Open redirect
Rejected reason: This is unused...
Open redirect
Rejected reason: This is unused...
Open redirect
Rejected reason: This is unused...
Open redirect
Rejected reason: This is unused...
Open redirect
Rejected reason: This is unused...