CVE-2025-15491 Post Slides <= 1.0.1 - Contributor+ Local File Inclusion

The Post Slides WordPress plugin through 1.0.1 does not validate some shortcode attributes before using them to generate paths passed to include function/s, allowing any authenticated users such as with contributor or higher roles to perform LFI attacks...

tomcat11-11.0.10-1.1 on GA media (moderate)

tomcat11-11.0.10-1.1 on GA media Announcement ID: openSUSE-SU-2025:15491-1 Rating: moderate Cross-References: CVE-2025-48989 CVSS scores: CVE-2025-48989 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2025-48989 SUSE : 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:...

CVE-2019-15491

openITCOCKPIT before 3.7.1 has CSRF, aka RVID 2-445b21...

CVE-2019-15491

openITCOCKPIT before 3.7.1 has CSRF, aka RVID 2-445b21...

CVE-2019-15491

openITCOCKPIT before 3.7.1 has CSRF, aka RVID 2-445b21...

CVE-2019-15491

OpenITCOCKPIT vulnerable before 3.7.1 due to a Cross-Site Request Forgery (CSRF) flaw (RVID 2-445b21). The issue affects the ability of an attacker to induce unintended requests from a logged-in user. Publicly documented impact is CSRF with implications for authenticated operations; CVSS data in ...

CVE-2018-15491

A vulnerability in the permission and encryption implementation of Zemana Anti-Logger 1.9.3.527 and prior fixed in 1.9.3.602 allows an attacker to take control of the whitelisting feature MyRules2.ini under %LOCALAPPDATA%\Zemana\ZALSDK to permit execution of unauthorized applications such as ones...

CVE-2018-15491

CVE-2018-15491 affects Zemana Anti-Logger 1.9.3.527 and earlier. A permissions/encryption flaw lets an attacker take control of the whitelisting feature (MyRules2.ini under %LOCALAPPDATA%\Zemana\ZALSDK) to execute unauthorized applications (e.g., keystroke loggers). The issue is fixed in version ...

CVE-2018-15491

A vulnerability in the permission and encryption implementation of Zemana Anti-Logger 1.9.3.527 and prior fixed in 1.9.3.602 allows an attacker to take control of the whitelisting feature MyRules2.ini under %LOCALAPPDATA%\Zemana\ZALSDK to permit execution of unauthorized applications such as ones...

CVE-2017-15491

...

CVE-2017-15491

CVE-2017-15491 is rejected; this CVE ID is not associated with a vulnerability and is not an active entry.

Novell NetMail <= 3.52d IMAP STATUS Buffer Overflow

No description provided by source. $Id: novellnetmailstatus.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms...

Novell NetMail <= 3.52d IMAP STATUS Buffer Overflow

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Novell NetMa...

Novell NetMail IMAP STATUS Buffer Overflow

This module exploits a stack buffer overflow in Novell's NetMail 3.52 IMAP STATUS verb. By sending an overly long string, an attacker can overwrite the buffer and control program execution. This module requires Metasploit: https://metasploit.com/download Current source:...

NetMail IMAP buffer overflow

Added: 11/30/2005 CVE: CVE-2005-3314 BID: 15491 OSVDB: 20956 Background Novell NetMail is an e-mail and calendaring server application. Problem A buffer overflow in the NetMail IMAP service could allow authenticated users to execute arbitrary commands using a long, specially crafted argument to...