CVE-2018-14474

views/auth.go in Orange Forum 1.4.0 allows Open Redirection via the next parameter to /login or /signup...

CVE-2019-14474

eQ-3 Homematic CCU3 3.47.15 and prior has Improper Input Validation in function 'Call' of ReGa core logic process, resulting in the ability to start a Denial of Service. Due to Improper Authorization an attacker can obtain a session ID from CVE-2019-9583 or a valid guest/user/admin account can...

.NET 7.0 security update

7.0.113-1.0.1 - Update to .NET SDK 7.0.113 and Runtime 7.0.13 - Resolves: RHEL-14474...

Cellebrite EPR Decryption Hardcoded AES Key Material Vulnerability

The Cellebrite UFED Physical device relies on key material hardcoded within both the executable code supporting the decryption process and within the encrypted files themselves by using a key enveloping technique. The recovered key material is the same for every device running the same version of...

Cellebrite EPR Decryption Hardcoded AES Key Material

KL-001-2020-003 : Cellebrite EPR Decryption Relies on Hardcoded AES Key Material Title: Cellebrite EPR Decryption Relies on Hardcoded AES Key Material Advisory ID: KL-001-2020-003 Publication Date: 2020.06.29 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-003.txt 1...

CVE-2019-14474

eQ-3 Homematic CCU3 3.47.15 and prior has Improper Input Validation in function 'Call' of ReGa core logic process, resulting in the ability to start a Denial of Service. Due to Improper Authorization an attacker can obtain a session ID from CVE-2019-9583 or a valid guest/user/admin account can...

CVE-2019-14474

CVE-2019-14474 affects eQ-3 Homematic CCU3 (3.47.15 and earlier) with an input validation flaw in the ReGa core logic Call() that allows a Denial of Service. The issue arises from improper authorization; an attacker can start the attack after obtaining a session ID (from CVE-2019-9583) or via a v...

OrangeForum 1.4.0 Open Redirection

Open Redirection Vulnerabilities in OrangeForum 1.4.0 Information -------------------- Advisory by Netsparker Name: Open Redirection Vulnerabilities in OrangeForum 1.4.0 Affected Software: OrangeForum Affected Versions: 1.4.0 Homepage: https://github.com/s-gv/orangeforum Vulnerability: Open...

Foxit Reader Type Obfuscation Remote Code Execution Vulnerability (CNVD-2018-14474)

Foxit Reader old name: Foxit PDF Reader is a set of software used to read PDF format files, by Fujian Foxit Software developed by Foxit Reader is a set of free to use the software, the operating system is mainly based on Microsoft Windows, and as long as there is a Win32 implementation of the...

CVE-2018-14474

views/auth.go in Orange Forum 1.4.0 allows Open Redirection via the next parameter to /login or /signup...

CVE-2018-14474

views/auth.go in Orange Forum 1.4.0 allows Open Redirection via the next parameter to /login or /signup...

Multi-Master Replication Manager for MySQL mmm_agentd Remote Command Injection Vulnerabilities

Summary Multiple exploitable remote command injection vulnerabilities exist in the MySQL Master-Master Replication Manager MMM mmmagentd daemon 2.2.1. mmmagentd commonly runs with root privileges and does not require authentication by default. A specially crafted MMM protocol message can cause a...

Fedora Update for mysql-mmm FEDORA-2018-ca5321b5ff

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for mysql-mmm FEDORA-2018-e31f52c5ee

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2017-14474

In the MMM::Agent::Helpers::execute function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An attacker that can...

CVE-2017-14474

Summary: CVE-2017-14474 and related MMM vulnerabilities affect MMM mmm_agentd 2.2.1, where _execute() constructs a shell command without sanitizing the $params, enabling an unauthenticated attacker who can open a TCP session to execute arbitrary commands with the privileges of mmm_agentd. Related...

CVE-2017-14474

In the MMM::Agent::Helpers::execute function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An attacker that can...