213680 matches found
Null pointer dereference
In the Linux kernel, the following vulnerability has been resolved: thermal: core: Fix NULL pointer dereference in zone registration error path If deviceregister in thermalzonedeviceregisterwithtrips returns an error, the tz variable is set to NULL and subsequently dereferenced in kfreetz-tzp...
Sql injection
A vulnerability was found in SourceCodester Employee Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /cancel.php. The manipulation of the argument id with the input 1%20or%201=1 leads to sql injection. The attack can ...
Unrestricted file upload
Unrestricted Upload of File with Dangerous Type vulnerability in bPlugins LLC Icons Font Loader.This issue affects Icons Font Loader: from n/a through 1.1.4...
Authentication flaw
A vulnerability has been identified in armeria-saml versions less than 1.27.2, allowing the use of malicious SAML messages to bypass authentication. All users who rely on armeria-saml older than version 1.27.2 must upgrade to 1.27.2 or later...
Design/Logic Flaw
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to versions 6.0.16 and 7.0.3, an attacker can craft traffic to cause Suricata to use far more CPU and memory for processing the traffic than needed, which can lead to extrem...
Spoofing
In the Linux kernel, the following vulnerability has been resolved: class: fix use-after-free in classregister The lockclasskey is still registered and can be found in lockkeyshash hlist after subsysprivate is freed in error handler path.A task who iterate over the lockkeyshash later may cause...
Spoofing
In the Linux kernel, the following vulnerability has been resolved: net: hso: fix null-ptr-deref during tty device unregistration Multiple ttys try to claim the same the minor number causing a double unregistration of the same device. The first unregistration succeeds but the next one results in ...
Cross site scripting
A DOM based cross-site scripting XSS vulnerability in the component generator.html of tabatkins/railroad-diagrams before commit ea9a123 allows attackers to execute arbitrary Javascript via sending a crafted URL...
Information disclosure
IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 could be vulnerable to information leakage due to unverified sources in messages sent between Windows objects of different origins. IBM X-Force ID: 254290...
Design/Logic Flaw
IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to form action hijacking where it is possible to modify the form action to reference an arbitrary path. IBM X-Force ID: 255898...
Cross site request forgery (csrf)
Cross-Site Request Forgery vulnerability in SMA Cluster Controller, affecting version 01.05.01.R. This vulnerability could allow an attacker to send a malicious link to an authenticated user to perform actions with these user permissions on the affected device...
Sql injection
A vulnerability was found in SourceCodester Employee Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /psubmit.php. The manipulation of the argument pid with the input '+or+1%3d1%23 leads to sql injection. It is possible to launch the attack...
Code injection
Exposure of sensitive data by by crafting a malicious EventFactory and providing a custom ExchangeCreatedEvent that exposes sensitive data. Vulnerability in Apache Camel.This issue affects Apache Camel: from 3.21.X through 3.21.3, from 3.22.X through 3.22.0, from 4.0.X through 4.0.3, from 4.X...
Null pointer dereference
In the Linux kernel, the following vulnerability has been resolved: mfd: syscon: Fix null pointer dereference in ofsysconregister kasprintf returns a pointer to dynamically allocated memory which can be NULL upon failure...
Command injection
Splinefont in FontForge through 20230101 allows command injection via crafted archives or compressed files...
Path traversal
In Indo-Sol PROFINET-INspektor NT through 2.4.0, a path traversal vulnerability in the httpuploadd service of the firmware allows remote attackers to write to arbitrary files via a crafted filename parameter in requests to the /upload endpoint...
Design/Logic Flaw
In the Linux kernel, the following vulnerability has been resolved: drivers/amd/pm: fix a use-after-free in kvparsepowertable When ps allocated by kzalloc equals to NULL, kvparsepowertable frees adev-pm.dpm.ps that allocated before. However, after the control flow goes through the following call...
Null pointer dereference
Versions of the package fastecdsa before 2.3.2 are vulnerable to Use of Uninitialized Variable on the stack, via the curvemathmul function in src/curveMath.c, due to being used and interpreted as user-defined type. Depending on the variable's actual value it could be arbitrary free, arbitrary...
Cross site scripting
The Archivist – Custom Archive Templates plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘shortcodeattributes' parameter in all versions up to, and including, 1.7.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
Design/Logic Flaw
Versions of the package sanitize-html before 2.12.1 are vulnerable to Information Exposure when used on the backend and with the style attribute allowed, allowing enumeration of files in the system including project dependencies. An attacker could exploit this vulnerability to gather details abou...
Improper access control
Improper access control vulnerability has been identified in the SMA100 SSL-VPN virtual office portal, which in specific conditions could potentially enable a remote authenticated attacker to associate another user's MFA mobile application...
Sql injection
SQL Injection vulnerability in CRMEB crmebjava v.1.3.4 and before allows a remote attacker to obtain sensitive information via the latitude and longitude parameters in the api/front/store/list component...
Information disclosure
Microsoft Edge Chromium-based Information Disclosure Vulnerability...
Design/Logic Flaw
An issue in zkteco zkbio WDMS v.8.0.5 allows an attacker to execute arbitrary code via the /files/backup/ component...
Spoofing
Microsoft Edge Chromium-based Spoofing Vulnerability...
Hardcoded credentials
Insecure AES key in Yealink Configuration Encrypt Tool below verrsion 1.2. A single, vendorwide, hardcoded AES key in the configuration tool used to encrypt provisioning documents was leaked leading to a compromise of confidentiality of provisioning documents...
Sql injection
In the module "Generate barcode on invoice / delivery slip" ecgeneratebarcode from Ether Creation = 1.2.0 for PrestaShop, a guest can perform SQL injection...
Information disclosure
Microsoft Edge Chromium-based Information Disclosure Vulnerability...
Design/Logic Flaw
Insufficient sanitization in MLflow leads to XSS when running an untrusted recipe. This issue leads to a client-side RCE when running an untrusted recipe in Jupyter Notebook. The vulnerability stems from lack of sanitization over template variables...
Design/Logic Flaw
Insufficient sanitization in MLflow leads to XSS when running a recipe that uses an untrusted dataset. This issue leads to a client-side RCE when running the recipe in Jupyter Notebook. The vulnerability stems from lack of sanitization over dataset table fields...
Design/Logic Flaw
In the module "Survey TMA" ecomizsurveytma up to version 2.0.0 from Ecomiz for PrestaShop, a guest can download personal information without restriction...
Design/Logic Flaw
Hitron CODA-4582 and CODA-4589 devices have default PSKs that are generated from 5-digit hex values concatenated with a "Hitron" substring, resulting in insufficient entropy only about one million possibilities...
Open redirect
Rejected reason: This is unused...
Open redirect
Rejected reason: This is unused...
Open redirect
Rejected reason: This is unused...
Open redirect
Rejected reason: This is unused...
Open redirect
Rejected reason: This is unused...
Open redirect
Rejected reason: This is unused...
Open redirect
Rejected reason: This is unused...
Open redirect
Rejected reason: This is unused...
Open redirect
Rejected reason: This is unused...
Open redirect
Rejected reason: This is unused...
Open redirect
Rejected reason: This is unused...
Open redirect
Rejected reason: This is unused...
Open redirect
Rejected reason: This is unused...
Open redirect
Rejected reason: This is unused...
Open redirect
Rejected reason: This is unused...
Open redirect
Rejected reason: This is unused...
Open redirect
Rejected reason: This is unused...
Open redirect
Rejected reason: This is unused...