31 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-13010
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GitLab Enterprise Edition 8.3 through 12.0.2. The color codes decoder was vulnerable to a resource depletion attack if specific forma...
CVE-2022-40770
Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to authenticated command injection. This can be exploited by high-privileged users...
CVE-2018-13010
WSTMall v1.9.1170316 has CSRF via the index.php?m=Admin=Users=edit URI to add a user account...
Linux Distros Unpatched Vulnerability : CVE-2017-13010
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:lstrnstart. CVE-2017-13010 Note that Nessus relies on the presence of the package...
CVE-2024-13010
The WP Foodbakery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 4.8 due to insufficient input sanitization and output escaping on the 'searchtype' parameter. This makes it possible for unauthenticated attackers to inject arbitrary web scrip...
CVE-2024-13010
creationtimestamp| type| source ---|---|--- 2025-02-10 18:48:55+00:00| seen| https://infosec.exchange/users/cve/statuses/113981085096993190 2025-02-10 19:15:54+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhtu6rc2ai2z 2025-02-10 21:16:46+00:00| seen|...
CVE-2024-13010 WP Foodbakery <= 4.8 - Reflected Cross-Site Scripting
The WP Foodbakery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 4.8 due to insufficient input sanitization and output escaping on the 'searchtype' parameter. This makes it possible for unauthenticated attackers to inject arbitrary web scrip...
CVE-2022-40772
Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to a validation bypass that allows users to access sensitive data via the report module...
CVE-2022-40771
Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to an XML External Entity attack that leads to Information Disclosure...
CVE-2022-40770
Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to authenticated command injection. This can be exploited by high-privileged users...
CVE-2022-40771
Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to an XML External Entity attack that leads to Information Disclosure...
ZOHO ManageEngine ServiceDesk Plus 命令注入漏洞
ZOHO ManageEngine ServiceDesk Plus SDP is the United States ZhuoHao ZOHO company's set of ITIL-based architecture of IT service management software. The software integrates Incident Management, Problem Management, Asset Management, IT Project Management, Procurement and Contract Management, and...
ZOHO ManageEngine ServiceDesk Plus 代码问题漏洞
ZOHO ManageEngine ServiceDesk Plus SDP is the United States ZhuoHao ZOHO company's set of ITIL-based architecture of IT service management software. The software integrates Incident Management, Problem Management, Asset Management, IT Project Management, Procurement and Contract Management, and...
PT-2022-25530 · Zoho · Manageengine Servicedesk Plus
Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine ServiceDesk Plus versions 13010 and prior Description: The issue is related to an XML External Entity attack, which leads to Information Disclosure. This attack can potentially expose sensitive information. Recommendations:...
PT-2022-25529 · Zoho · Zoho Manageengine Servicedesk Plus
Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine ServiceDesk Plus versions 13010 and prior Description: The issue is related to authenticated command injection, which can be exploited by high-privileged users. Recommendations: For Zoho ManageEngine ServiceDesk Plus version...
PT-2022-25531 · Zoho · Zoho Manageengine Servicedesk Plus
Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine ServiceDesk Plus versions 13010 and prior Description: The issue is related to a validation bypass that allows users to access sensitive data via the report module. This is due to improper input validation, which can lead to...
CVE-2020-13010
CVE-2020-13010 is rejected/not used; this ID does not represent an active vulnerability entry.
CVE-2020-13010
...
SUSE SLES11 Security Update : tcpdump (SUSE-SU-2019:14191-1)
The remote SUSE Linux SLES11 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2019:14191-1 advisory. - The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:namelen. CVE-2017-12893 - Several protocol parsers in tcpdum...
CVE-2019-13010
An issue was discovered in GitLab Enterprise Edition 8.3 through 12.0.2. The color codes decoder was vulnerable to a resource depletion attack if specific formats were used. It allows Uncontrolled Resource Consumption...