176 matches found
CVE-2024-0884 SourceCodester Online Tours & Travels Management System payment.php exec sql injection
A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been rated as critical. This issue affects the function exec of the file payment.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has...
CVE-2021-0884
CVE-2021-0884 concerns the PowerVR kernel driver’s PVRSRVBridgePhysmemImportSparseDmaBuf function. A missing size check enables an integer overflow, which could permit out-of-bounds heap access and local escalation of privilege without additional execution privileges. Exploitation details (vector...
CVE-2021-0884
In PVRSRVBridgePhysmemImportSparseDmaBuf of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is n...
SUSE: Security Advisory (SUSE-SU-2023:0884-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12: grub2 / grub2-i386-pc / grub2-snapper-plugin / etc (SUSE-SU-2023:0884-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2023:0884-1 advisory. - rebuild the package with the new secure boot key bsc1209188. Tenable has extracted the preceding description block directly from the SUSE security...
SUSE CVE-2004-0884
The 1 libsasl and 2 libsasl2 libraries in Cyrus-SASL 2.1.18 and earlier trust the SASLPATH environment variable to find all available SASL plug-ins, which allows local users to execute arbitrary code by modifying the SASLPATH to point to malicious programs...
Security Bulletin: IBM Tivoli Netcool System Service Monitors/Application Service Monitors is affected by multiple OpenSSL vulnerabilities
Abstract A number of security vulnerabilities have been discovered in the OpenSSL libraries included in IBM Tivoli Netcool System Service Monitors/Application Service Monitors. Content VULNERABILITY DETAILS: CVE Ids: CVE-2012-2131 CVE-2012-2110 CVE-2012-0884 CVE-2012-0050 CVE-2011-4108...
Security Bulletin: IBM Sterling Connect:Enterprise for UNIX is affected by multiple vulnerabilities in OpenSSL
Abstract A number of security vulnerabilities have been discovered in the OpenSSL libraries included in IBM Sterling Connect:Enterprise for UNIX. Content VULNERABILITY DETAILS: CVE IDs : CVE-2012-2131 CVE-2012-2110 CVE-2012-0884 CVE-2012-0050 CVE-2011-4108 CVE-2011-4576 CVE-2011-4577 CVE-2011-461...
Security Bulletin: IBM Smart Analytics System 7600, 7700, and 7710 are affected by vulnerabilities in OpenSSL
Abstract A number of security vulnerabilities have been identified in the OpenSSL libraries that are part of the operating system software included with the vulnerable systems. Content VULNERABILITY DETAILS CVE IDs: CVE-2012-2131, CVE-2012-2110, CVE-2012-0884, CVE-2012-0050, CVE-2011-4108,...
CVE-2022-0884
The Profile Builder WordPress plugin before 3.6.8 does not sanitise and escape Form Fields titles and description, which could allow high privilege user such as admin to perform Criss-Site Scripting attacks even when unfilteredhtml is disallowed...
CVE-2022-0884
The Profile Builder WordPress plugin before 3.6.8 does not sanitise and escape Form Fields titles and description, which could allow high privilege user such as admin to perform Criss-Site Scripting attacks even when unfilteredhtml is disallowed...
CVE-2022-0884
CVE-2022-0884 affects the WordPress plugin Profile Builder prior to 3.6.8. The vulnerability arises from insufficient sanitization/escaping of Form Fields titles and descriptions, enabling a high-privilege user (e.g., admin) to perform stored cross-site scripting attacks even when unfiltered_html...
SUSE: Security Advisory (SUSE-SU-2015:0884-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Out-of-bounds write
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0884, CVE-2019-0918...
GHSA-9735-P6R2-2HGH Out-of-bounds write
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0884, CVE-2019-0918...
pcna.com Cross Site Scripting vulnerability OBB-1196176
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
CVE-2020-0884
CVE-2020-0884 describes a spoofing vulnerability in Microsoft Visual Studio where a reply URL is not secured by SSL. An attacker who exploits this could compromise access tokens used during development workflows (e.g., when working with an Outlook Web Add-in) and thereby gain security/privacy ris...
CVE-2019-0884
Technical details for CVE-2019-0884 are not publicly available in the provided documents; no affected product/version or exploit guidance are specified. Monitor for updates from official advisories.
Microsoft Windows Multiple Vulnerabilities (KB4494440)
This host is missing a critical security update according to Microsoft KB4494440 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...
Microsoft Windows Multiple Vulnerabilities (KB4499167)
This host is missing a critical security update according to Microsoft KB4499167 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...