Vulnerabilidades CVE

app/plug/attachment/controller/admincontroller.php in SDCMS 1.6 allows reading arbitrary files via a /?m=plug&c=admin&a=index&p=attachment&root= directory traversal. The value of the root parameter mu...

internal/advanced_comment_system/admin.php in Advanced Comment System 1.0 is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an ...

DomainMOD through 4.11.01 has XSS via the assets/add/account-owner.php Owner name field.

DomainMOD through 4.11.01 has XSS via the assets/add/registrar.php notes field for the Registrar.

In The Sleuth Kit (TSK) through 4.6.4, hfs_cat_traverse in tsk/fs/hfs.c does not properly determine when a key length is too large, which allows attackers to cause a denial of service (SEGV on unknown...

i4 assistant 7.85 allows XSS via a crafted machine name field within iOS settings.

There is an illegal address access at asm/preproc.c (function: is_mmacro) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of service (out-of-bounds array access) because a certain conver...

There is a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service.

login.php in Adiscon LogAnalyzer before 4.1.7 has XSS via the Login Button Referer field.

In SolarWinds SFTP/SCP Server through 2018-09-10, the configuration file is world readable and writable, and stores user passwords in an insecure manner, allowing an attacker to determine passwords fo...

SolarWinds SFTP/SCP server through 2018-09-10 is vulnerable to XXE via a world readable and writable configuration file that allows an attacker to exfiltrate data.

Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.

Arm Mbed TLS before 2.14.1, before 2.7.8, and before 2.1.17 allows a local unprivileged attacker to recover the plaintext of RSA decryption, which is used in RSA-without-(EC)DH(E) cipher suites.

Local attackers can trigger a stack-based buffer overflow on vulnerable installations of Antiy-AVL ATool security management v1.0.0.22. An attacker must first obtain the ability to execute low-privile...

Tarantella Enterprise before 3.11 allows Directory Traversal.

Tarantella Enterprise before 3.11 allows bypassing Access Control.

In Artifex MuPDF 1.14.0, svg/svg-run.c allows remote attackers to cause a denial of service (recursive calls followed by a fitz/xml.c fz_xml_att crash from excessive stack consumption) via a crafted s...

In Artifex MuPDF 1.14.0, the svg_run_image function in svg/svg-run.c allows remote attackers to cause a denial of service (href_att NULL pointer dereference and application crash) via a crafted svg fi...

An invalid memory address dereference was discovered in the huffcode function (libfaac/huff2.c) in Freeware Advanced Audio Coder (FAAC) 1.29.9.2. The vulnerability causes a segmentation fault and appl...

An invalid memory address dereference was discovered in the huffcode function (libfaac/huff2.c) in Freeware Advanced Audio Coder (FAAC) 1.29.9.2. The vulnerability causes a segmentation fault and appl...

An invalid memory address dereference was discovered in the huffcode function (libfaac/huff2.c) in Freeware Advanced Audio Coder (FAAC) 1.29.9.2. The vulnerability causes a segmentation fault and appl...

An invalid memory address dereference was discovered in the huffcode function (libfaac/huff2.c) in Freeware Advanced Audio Coder (FAAC) 1.29.9.2. The vulnerability causes a segmentation fault and appl...

An invalid memory address dereference was discovered in the huffcode function (libfaac/huff2.c) in Freeware Advanced Audio Coder (FAAC) 1.29.9.2. The vulnerability causes a segmentation fault and appl...

DomainMOD through 4.11.01 has XSS via the admin/dw/add-server.php DisplayName, HostName, or UserName field.

SearchController.php in PbootCMS 1.2.1 has SQL injection via the index.php/Search/index.html query string.

ThinkCMF X2.2.2 has SQL Injection via the functions check() and delete() in CommentadminController.class.php and is exploitable with the manager privilege via the ids[] parameter in a commentadmin act...

ThinkCMF X2.2.2 has SQL Injection via the function edit_post() in NavController.class.php and is exploitable with the manager privilege via the parentid parameter in a nav action.

ThinkCMF X2.2.2 has SQL Injection via the function delete() in SlideController.class.php and is exploitable with the manager privilege via the ids[] parameter in a slide action.

ThinkCMF X2.2.2 has SQL Injection via the function _listorders() in AdminbaseController.class.php and is exploitable with the manager privilege via the listorders[key][1] parameter in a Link listorder...

ThinkCMF X2.2.2 has SQL Injection via the method edit_post in ArticleController.class.php and is exploitable by normal authenticated users via the post[id][1] parameter in an article edit_post action.

A Server-Side Template Injection issue was discovered in Crafter CMS 3.0.18. Attackers with developer privileges may execute OS commands by Creating/Editing a template file (.ftl filetype) that trigge...

The svpn component of the F5 BIG-IP APM client prior to version 7.1.7.2 for Linux and macOS runs as a privileged process and can allow an unprivileged user to get ownership of files owned by root on t...

IBM i2 Enterprise Insight Analysis 2.1.7 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploi...

IBM i2 Enterprise Insight Analysis 2.1.7 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 141413.

IBM i2 Enterprise Insight Analysis 2.1.7 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could explo...

IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.0.0, 3.0.2, and 3.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript c...

An issue was discovered in Sales & Company Management System (SCMS) through 2018-06-06. It has SQL injection via the member/member_order.php type parameter, related to the O_state parameter.

IBM Connections 5.0, 5.5, and 6.0 could allow an authenticated user to obtain sensitive information from invalid request error messages. IBM X-Force ID: 153315.

In V4L2SliceVideoDecodeAccelerator::Dequeue of v4l2_slice_video_decode_accelerator.cc, there is a possible out of bounds read of a function pointer due to an incorrect bounds check. This could lead to...

In unflatten of GraphicBuffer.cpp, there is a possible bad fd close due to improper input validation. This could lead to local escalation of privilege in the system server with no additional execution...

In multiple functions of ContentProvider.java, there is a possible permission bypass due to a missing URI validation. This could lead to local information disclosure with no additional execution privi...

In lppTransposer of lpp_tran.cpp there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User inte...

In CAacDecoder_Init of aacdecoder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. U...

In CAacDecoder_Init of aacdecoder.cpp, there is a possible out-of-bound write due to a missing bounds check. This could lead to remote code execution in the media server with no additional execution p...

In ihevcd_sao_shift_ctb of ihevcd_sao.c there is a possible out of bounds write due to missing bounds check. This could lead to information disclosure with no additional execution privileges needed. U...

In MasteringMetadata::Parse of mkvparser.cc there is a possible double free due to an insecure default value. This could lead to remote code execution with no additional execution privileges needed. U...

In dumpExtractors of IMediaExtractor.cp, there is a possible disclosure of recently accessed media files due to a permissions bypass. This could lead to local information disclosure with no additional...

In l2c_lcc_proc_pdu of l2c_fcr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege over Bluetooth with no additional execution ...

In ParsePayloadHeader of payload_metadata.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege with no additional execution privile...

In really_install_package of install.cpp, there is a possible free of arbitrary memory due to uninitialized data. This could lead to local escalation of privilege with no additional execution privileg...