19 matches found
Authorization Bypass Through User-Controlled Key
Overview: sjbr/sr-feuser-register is a self-registration variant of Kasper Skårhøj's Front End User Admin extension for TYPO3 CMS. Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the handling of user input. An attacker can read arbitrary...
CVE-2024-3330 Spotfire Remote Code Execution Vulnerability
Vulnerability in Spotfire Spotfire Analyst, Spotfire Spotfire Server, Spotfire Spotfire for AWS Marketplace allows In the case of the installed Windows client: Successful execution of this vulnerability will result in an attacker being able to run arbitrary code. This requires human interaction fr...
Wordpress BuddyPress plugin <= 12.5.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability
Authenticated Subscriber+ Stored Cross-Site Scripting vulnerability discovered by wesley wcraft in WordPress Plugin Activity Reactions For Buddypress versions <= 12.5.0...
CVE-2023-38534
Improper authentication vulnerability in OpenText™ Exceed Turbo X affecting versions 12.5.0 and 12.5.1. The vulnerability could allow disclosure of restricted information in unauthenticated RPC...
Electrolink FM/DAB/TV Transmitter (Login Cookie) Authentication Bypass
Electrolink FM/DAB/TV Transmitter Login Cookie Authentication Bypass Vendor: Electrolink s.r.l. Product web page: https://www.electrolink.com Affected version: 10W, 100W, 250W, Compact DAB Transmitter 500W, 1kW, 2kW Medium DAB Transmitter 2.5kW, 3kW, 4kW, 5kW High Power DAB Transmitter 100W, 500W...
Electrolink FM/DAB/TV Transmitter SuperAdmin Hidden Functionality
Summary Since 1990 Electrolink has been dealing with design and manufacturing of advanced technologies for radio and television broadcasting. The most comprehensive products range includes: FM Transmitters, DAB Transmitters, TV Transmitters for analogue and digital multistandard operation, Bandpa...
PT-2020-20284 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab Enterprise Edition EE versions 12.5.0 through 12.7.5 Description: The issue allows project access to unauthorized users when a group is shared with another group. Recommendations: For GitLab Enterprise Edition EE versions 12.5.0 throug...
CVE-2018-3048
Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications subcomponent: Core module. Supported versions that are affected are 12.3.0, 12.4.0, 12.5.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker with network...
CVE-2018-3024
Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications subcomponent: Payments Core. Supported versions that are affected are 12.2.0, 12.3.0, 12.4.0, 12.5.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via...
CVE-2018-3025
Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications subcomponent: Payments Core. Supported versions that are affected are 12.2.0, 12.3.0, 12.4.0, 12.5.0 and 14.1.0. Difficult to exploit vulnerability allows low privileged attacker with network access v...
CVE-2018-3022
Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications subcomponent: Payments Core. Supported versions that are affected are 12.2.0, 12.3.0, 12.4.0, 12.5.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via...
CVE-2018-2895
Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications subcomponent: Core module. Supported versions that are affected are 12.3.0, 12.4.0, 12.5.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network...
Buffer overflow
Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications subcomponent: Payments Core. Supported versions that are affected are 12.2.0, 12.3.0, 12.4.0, 12.5.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via...
Buffer overflow
Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications subcomponent: Payments Core. Supported versions that are affected are 12.2.0, 12.3.0, 12.4.0, 12.5.0 and 14.1.0. Difficult to exploit vulnerability allows low privileged attacker with network access v...
Buffer overflow
Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications subcomponent: Payments Core. Supported versions that are affected are 12.2.0, 12.3.0, 12.4.0, 12.5.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via...
CVE-2018-2747
Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications subcomponent: Core module. Supported versions that are affected are 12.3.0, 12.4.0, 12.5.0 and 14.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via...
CVE-2016-7083
CVE-2016-7083 — VMware Workstation/Player 12.x prior to 12.5.0 (Windows) is vulnerable when Cortado ThinPrint virtual printing is enabled. The flaw stems from handling TrueType fonts embedded in EMFSPOOL, which could let a guest OS user execute arbitrary code on the host or trigger a host memory ...
PCAnywhere 12.5.0 build 463 Denial of Service
No description provided by source. #!/usr/bin/python ''' Exploit Title: PCAnywhere Nuke Date: 2/16/12 Author: Johnathan Norman spoofy at exploitscience.org or @spoofyroot Version: PCAnyWhere 12.5.0 build 463 and below Tested on: Windows Description: The following code will crash the awhost32...
PCAnywhere 12.5.0 build 463 Denial of Service
Exploit for windows platform in category dos / poc #!/usr/bin/python ''' Exploit Title: PCAnywhere Nuke Date: 2/16/12 Author: Johnathan Norman spoofy exploitscience.org or @spoofyroot Version: PCAnyWhere 12.5.0 build 463 and below Tested on: Windows Description: The following code will crash the...