23 matches found
CVE-2024-12791
Codezips E-Commerce Site 1.0 has a SQL injection in signin.php via the email parameter. Multiple connected sources confirm remote exploitation and disclosure. The issue affects signin.php processing and can be triggered without authentication. Some entries cite a critical rating; others list gene...
CVE-2024-12791 Codezips E-Commerce Site signin.php sql injection
A vulnerability was found in Codezips E-Commerce Site 1.0. It has been rated as critical. This issue affects some unknown processing of the file signin.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the...
Oracle Linux 8 : virt:kvm_utils1 (ELSA-2024-12791)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12791 advisory. - Bounds check for block exceeding page length (CVE-2021-3504) resolves: rhbz#1950501 - Fix for CVE-2019-9755 heap-based buffer overflow leads to local root...
SUSE CVE-2017-12791
Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.11.7 and 2017.7.x before 2017.7.1 allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID...
elita (>=0.60.0 <=0.64.1) potentially affected by CVE-2017-12791 via salt (=2014.1.10)
salt PyPI version =2014.1.10 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - elita >=0.60.0, <=0.64.1. Source CVEs: CVE-2017-12791. Source advisory: OSV:GHSA-XXVJ-8G5M-4QGW...
SUSE: Security Advisory (SUSE-SU-2017:2666-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
Integer overflow
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.2-49151. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
USN-4769-1: Salt vulnerabilities
It was discovered that Salt allowed remote attackers to write to arbitrary files via a specially crafted file. An attacker could use this vulnerability to cause a DoS or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 ESM. (CVE-2014-3563) Andreas Stieger discovered that Salt...
ProFTPD Denial of Service Vulnerability (CNVD-2020-12791)
ProFTPD is a secure cloud printing solution from the ProFTPD team. The solution supports printing from laptops, desktops and mobile devices connected to printers. ProFTPD suffers from a denial of service vulnerability that stems from the program not properly handling excessively long commands. An...
Photon OS 1.0: Salt PHSA-2018-1.0-0106
An update of the salt package has been released. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2018-1.0-0106. The text itself is copyright (C) VMware, Inc. include'compat.inc'; if description scriptid121806;...
CVE-2018-12791
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user...
CVE-2018-12791
CVE-2018-12791 affects Adobe Acrobat/Reader versions: 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier. The vulnerability is a Use-after-free that could lead to arbitrary code execution in the context of the current user. The CVSS (NVD) indicates a CRITICAL b...
Adobe Acrobat and Reader Use After Free (APSB18-21: CVE-2018-12791)
A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
KLA11283 Multiple vulnerabilities in Adobe Acrobat & Reader
Multiple vulnerabilities were found in Adobe Acrobat & Reader. Original advisories: Prenotification Security Advisory for Adobe Acrobat and Reader | APSB18-21. Exploitation: Malware exists for this vulnerability. Usually such malware is classified as Exploit. Related products...
FreeBSD : salt -- multiple vulnerabilities (50127e44-7b88-4ade-8e12-5d57320823f1)
SaltStack reports: Directory traversal vulnerability in minion id validation in SaltStack. Allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID. Credit for discovering the security flaw goes to: Julian Brost. NOTE: this...
Directory Traversal
salt is vulnerable to directory traversal attacks. The attack is possible because of an incomplete fix for CVE-2017-12791. A malicious user can include escape characters and path separators into credentials when authenticating to a master to traverse the filesystem...
CVE-2017-14695
CVE-2017-14695 is a SaltStack Salt directory traversal vulnerability in minion_id validation. It affects Salt before 2016.3.8, 2016.11.x before 2016.11.8, and 2017.7.x before 2017.7.2, enabling remote minions with incorrect credentials to authenticate to a master via a crafted minion ID. This iss...
openSUSE Security Update : salt (openSUSE-2017-1183)
Salt was updated to 2017.7.2 and also to fix various bugs and security issues. See the following resources for the full changelog: https://docs.saltstack.com/en/develop/topics/releases/2017.7.2.html https://docs.saltstack.com/en/develop/topics/releases/2017.7.1.html...
SUSE SLES11 Security Update : salt (SUSE-SU-2017:2666-1)
This update for salt fixes one security issue and bugs. The following security issue has been fixed: - CVE-2017-12791: Directory traversal vulnerability in minion id validation allowed remote minions with incorrect credentials to authenticate to a master via a crafted minion ID (bsc#1053955). The...