| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| NULL Pointer Dereference vulnerability in taurusxin ncmdump (src/utils modules). This vulnerability is associated with program files cJSON.Cpp.
This issue affects ncmdump: before 1.4.0. |
| Vitals ESP developed by Galaxy Software Services has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to execute certain functions to obtain sensitive information. |
| An unauthenticated remote attacker may be able to control the format string of messages processed by the Audit Log of the CODESYS Control runtime system, potentially resulting in a denial‑of‑service (DoS) condition. |
| Out-of-bounds Write vulnerability in WujekFoliarz DualSenseY-v2.This issue affects DualSenseY-v2: before 54. |
| A low-privileged remote attacker may be able to replace the boot application of the CODESYS Control runtime system, enabling unauthorized code execution. |
| A security vulnerability has been detected in DefaultFuction Jeson-Customer-Relationship-Management-System up to 1b4679c4d06b90d31dd521c2b000bfdec5a36e00. This affects an unknown function of the file /api/System.php of the component API Module. The manipulation of the argument url leads to server-side request forgery. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The identifier of the patch is f76e7123fe093b8675f88ec8f71725b0dd186310/98bd4eb07fa19d4f2c5228de6395580013c97476. It is suggested to install a patch to address this issue. |
| A vulnerability was found in D-Link DIR-825 and DIR-825R 1.0.5/4.5.1. Affected is the function handler_update_system_time of the file libdeuteron_modules.so of the component NTP Service. The manipulation results in os command injection. The attack may be launched remotely. This vulnerability only affects products that are no longer supported by the maintainer. |
| NVD-CWE-noinfo vulnerability in albfan miraclecast.This issue affects miraclecast: before v1.0. |
| Incorrect boundary conditions, integer overflow in the Graphics component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, and Firefox ESR < 140.9. |
| Mitigation bypass in the Networking: HTTP component. This vulnerability affects Firefox < 149 and Firefox ESR < 140.9. |
| Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, and Firefox ESR < 140.9. |
| Information disclosure in the Widget: Cocoa component. This vulnerability affects Firefox < 149 and Firefox ESR < 140.9. |
| Incorrect boundary conditions in the Audio/Video component. This vulnerability affects Firefox < 149 and Firefox ESR < 140.9. |
| Uninitialized memory in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149 and Firefox ESR < 140.9. |
| Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. This vulnerability affects Firefox < 149 and Firefox ESR < 140.9. |
| Incorrect boundary conditions in the Graphics: Text component. This vulnerability affects Firefox < 149 and Firefox ESR < 140.9. |
| Denial-of-service in the Libraries component in NSS. This vulnerability affects Firefox < 149. |
| Memory safety bugs present in Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 149. |
| Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, and Firefox ESR < 140.9. |
| Incorrect boundary conditions in the Layout: Text and Fonts component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, and Firefox ESR < 140.9. |
