SQL injection
A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can pass crafted offset, limit, and sort parameters to perform SQL injection via /novel/pay/list...
SQL injection
A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can pass in crafted offset, limit, and sort parameters to perform SQL injection via /sys/user/exit...
Remote code execution
A SQL injection remote code execution vulnerability was found using an update statement in the SolarWinds Platform. This vulnerability requires user authentication to be exploited...
Design/Logic Flaw
jshERP v3.3 is vulnerable to Arbitrary File Upload. The jshERP-boot/systemConfig/upload interface does not check the uploaded file type, and the biz parameter can be spliced into the upload path, resulting in arbitrary file uploads with controllable paths...
Cross site request forgery (CSRF)
A cross-site request forgery (CSRF) vulnerability in all versions up to 1.14.1 of the API server component of Allegro AI’s ClearML platform allows a remote attacker to impersonate a user by sending API requests via maliciously crafted HTML. Exploitation of the vulnerability allows an attacker to...
Path traversal
A path traversal vulnerability in versions 1.4.0 to 1.14.1 of the client SDK of Allegro AI’s ClearML platform enables a maliciously uploaded dataset to write local or remote files to an arbitrary location on an end user’s system when interacted with...
Authentication flaw
Lack of authentication in all versions of the fileserver component of Allegro AI’s ClearML platform allows a remote attacker to arbitrarily access, create, modify and delete files...
Cross site scripting
A cross-site scripting (XSS) vulnerability in all versions of the web server component of Allegro AI’s ClearML platform allows a remote attacker to execute a JavaScript payload when a user views the Debug Samples tab in the web UI...
Security feature bypass
Rejected reason: We have rejected this CVE as it was determined a non-security issue by the vendor...
Deserialization of untrusted data
Deserialization of untrusted data can occur in versions 0.17.0 to 1.14.2 of the client SDK of Allegro AI’s ClearML platform, enabling a maliciously uploaded artifact to run arbitrary code on an end user’s system when interacted with...
Heap overflow
A flaw was found in indent, a program for formatting C code. This issue may allow an attacker to trick a user into processing a specially crafted file to trigger a heap-based buffer overflow, causing the application to crash...
Information disclosure
An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. It was discovered that information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive...
Cross site scripting
In JetBrains TeamCity before 2023.11.2 stored XSS via agent distribution was possible...
Code injection
In JetBrains TeamCity before 2023.11.2 access control at the S3 Artifact Storage plugin endpoint was missed...
Path traversal
In JetBrains IntelliJ IDEA before 2023.3.3 path traversal was possible when unpacking archives...
Path traversal
In JetBrains TeamCity before 2023.11.3 path traversal allowed reading data within JAR archives...
Design/Logic Flaw
In JetBrains Rider before 2023.3.3 logging of environment variables containing secret values was possible...
Authentication flaw
In JetBrains IntelliJ IDEA before 2023.3.3 a plugin for JetBrains Space was able to send an authentication token to an inappropriate URL...
Information disclosure
In JetBrains Toolbox App before 2.2 a DoS attack was possible via a malicious SVG image...
Directory traversal
In JetBrains TeamCity before 2023.11.2 limited directory traversal was possible in the Kotlin DSL documentation...
Path traversal
Malicious code execution via path traversal in Apache Software Foundation Apache Sling Servlets Resolver. This issue affects all versions of Apache Sling Servlets Resolver before 2.11.0. However, whether a system is vulnerable to this attack depends on the exact configuration of the system. If the...
Authentication flaw
In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible...
Default configuration
A default installation of RustDesk 1.2.3 on Windows places a WDKTestCert certificate under Trusted Root Certification Authorities with Enhanced Key Usage of Code Signing (1.3.6.1.5.5.7.3.3), valid from 2023 until 2033. This is potentially unwanted, e.g., because there is no public documentation of...
Input validation
An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server...
Null pointer dereference
A flaw was found in the GNU coreutils "split" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split function, potentially leading to an application crash and denial of service...
Code injection
linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY...
Privilege escalation
Dell BIOS contains a Signed to Unsigned Conversion Error vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to denial of service...
Design/Logic Flaw
Dell Display Manager application, version 2.1.1.17, contains a vulnerability that allows a low-privilege user to execute malicious code during installation and uninstallation...
Design/Logic Flaw
DUP framework version 4.9.4.36 and prior contains an insecure operation on Windows junction/mount point vulnerability. A local malicious standard user could exploit the vulnerability to create arbitrary files, leading to denial of service...
Arbitrary file deletion
Dell Display Manager application, version 2.1.1.17 and prior, contains an insecure operation on Windows junction/mount point. A local malicious user could potentially exploit this vulnerability during installation, leading to arbitrary folder or file deletion...
Privilege escalation
Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server versions prior to 11.9.0 contain a privilege escalation vulnerability due to improper ACL of the non-default installation directory. A local malicious user could potentially exploit this vulnerability by...
Design/Logic Flaw
Dell Data Protection Search 19.2.0 and above contain an exposed password opportunity in plain text when using LdapSettings.getldapinfo in DP Search. A remote unauthorized unauthenticated attacker could potentially exploit this vulnerability leading to a loss of Confidentiality, Integrity,...
Authorization
Dell Power Manager, versions prior to 3.14, contain an Improper Authorization vulnerability in DPM service. A low privileged malicious user could potentially exploit this vulnerability in order to elevate privileges on the system...
Arbitrary file deletion
Dell Command | Monitor, versions prior to 10.9, contain an arbitrary folder deletion vulnerability. A locally authenticated malicious user may exploit this vulnerability in order to perform a privileged arbitrary file delete...
Design/Logic Flaw
The XML parser in Magic xpi Integration Platform 4.13.4 allows XXE attacks, e.g., via onItemImport...
Memory corruption
Memory corruption while validating the TID to Link Mapping action request frame, when a station connects to an access point...
Code injection
Transient DOS while parsing FILS IE with length equal to 1...
Memory corruption
Memory corruption in video while parsing invalid mp2 clip...
Memory corruption
Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points...
Memory corruption
Memory corruption in Audio while processing IIR config data from AFE calibration block...
Memory corruption
Memory corruption in Core while processing control functions...
Memory corruption
Memory corruption in HLOS while converting from authorization token to HIDL vector...
Improper access control
Memory corruption in Automotive Multimedia due to improper access control in HAB...
Memory corruption
Memory corruption while processing the event ring: the context read pointer is untrusted to HLOS and, when it is passed with arbitrary values, may point to an address in the middle of a ring element...
Memory corruption
Memory corruption in video while parsing the Videoinfo, when the size of atom is greater than the videoinfo size...
Authorization
Transient DOS while processing 11AZ RTT management action frame received through OTA...
Memory corruption
Memory corruption while reading ACPI config through the user mode app...
Design/Logic Flaw
Transient DOS in WLAN Firmware when the length of the received beacon is less than the length of an IEEE 802.11 beacon frame...
Memory corruption
Memory corruption when negative display IDs are sent as input while processing DISPLAYESCAPE event trigger...
Memory corruption
Memory corruption in Core when updating rollback version for TA and OTA feature is enabled...