CVE-2022-48334
Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys total_len+file_name_len integer overflow and resultant buffer overflow.
Source: CVE-2022-48334
[월:] 2023년 06월
CVE-2022-40010
CVE-2022-40010
Tenda AC6 AC1200 Smart Dual-Band WiFi Router 15.03.06.50_multi was discovered to contain a cross-site scripting (XSS) vulnerability via the deviceId parameter in the Parental Control module.
Source: CVE-2022-40010
CVE-2022-48333
CVE-2022-48333
Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys prefix_len+feature_name_len integer overflow and resultant buffer overflow.
Source: CVE-2022-48333
CVE-2022-48332
CVE-2022-48332
Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys file_name_len integer overflow and resultant buffer overflow.
Source: CVE-2022-48332
CVE-2023-33580
CVE-2023-33580
Phpgurukul Student Study Center Management System V1.0 is vulnerable to Cross Site Scripting (XSS) in the "Admin Name" field on Admin Profile page.
Source: CVE-2023-33580
CVE-2023-28485
CVE-2023-28485
A stored cross-site scripting (Stored XSS) vulnerability in file preview in WeKan before 6.75 allows remote authenticated users to inject arbitrary web script or HTML via names of file attachments. Any user can obtain the privilege to rename within their own board (where they have BoardAdmin access), and renameAttachment does not block XSS payloads.
Source: CVE-2023-28485
CVE-2023-29459
CVE-2023-29459
The laola.redbull application through 5.1.9-R for Android exposes the exported activity at.redbullsalzburg.android.AppMode.Default.Splash.SplashActivity, which accepts a data: URI. The target of this URI is subsequently loaded into the application’s webview, thus allowing the loading of arbitrary content into the context of the application. This can occur via the fcrbs schema or an explicit intent invocation.
Source: CVE-2023-29459
CVE-2022-48331
CVE-2022-48331
Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys feature_name_len integer overflow and resultant buffer overflow.
Source: CVE-2022-48331
CVE-2023-36301
CVE-2023-36301
Talend Data Catalog before 8.0-20230221 contain a directory traversal vulnerability in HeaderImageServlet.
Source: CVE-2023-36301
CVE-2023-25306
CVE-2023-25306
MultiMC Launcher <= 0.6.16 is vulnerable to Directory Traversal.
Source: CVE-2023-25306