MiracleLinux 3 : dovecot-1.0.7-7.1.0.1.AXS3 (AXSA:2011-295:01)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2011-295:01 advisory. Dovecot is an IMAP server for Linux/UNIX-like systems, written with security primarily in mind. It also contains a small POP3 server. It supports mail in eith...

EUVD-2011-4221

Malware in sbrugna...

EUVD-2011-4241

Malware in sbrugna...

EUVD-2011-4239

Malware in sbrugna...

EUVD-2011-4220

Malware in sbrugna...

EUVD-2016-5078

Malware in sbrugna...

EUVD-2006-5094

Malware in sbrugna...

Apache Commons IO 2.0.x < 2.14.0 DoS Vulnerability

The Apache Commons IO library is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

GHSA-PP7V-WXX9-HM6R Thelia BackOffice default template vulnerable to Cross-site Scripting

The BackOffice of Thelia error.html template has a cross-site scripting vulnerability in version 2.1.0 and 2.1.1 but not version 2.0.X. Version 2.1.2 contains a patch for the issue...

GHSA-VQ4J-QCX7-PPC6 Thelia Cross-site Scripting vulnerability in BackOffice

The BackOffice of Thelia error.html template has a cross-site scripting vulnerability in version 2.1.0 and 2.1.1 but not version 2.0.X. Version 2.1.2 contains a patch for the issue...

PT-2024-40122 · Neos · Neos

Name of the Vulnerable Software and Affected Versions: Neos versions 2.0.x Description: The issue allows for several XSS attacks, enabling an attacker to tamper with page rendering, redirect victims to a fake login page, or capture user credentials. An attacker could also gain access to the serve...

VMware Fusion SEoL (2.0.x)

According to its version, VMware Fusion is 2.0.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. %NASLMINLEVEL 80900 C...

Oracle Linux 6 : dovecot (ELSA-2011-0600)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-0600 advisory. 2.0.9-2 - fix issues and assert crashes found in 2.0.9 lmtp,dotlock,zlib 2.0.9-1 - dovecot updated to 2.0.9 - fixed a high system CPU usage / high...

CVE-2023-29630

PrestaShop jmsmegamenu 1.1.x and 2.0.x is vulnerable to SQL Injection via ajaxjmsmegamenu.php...

Checkmk 2.0.x < 2.0.p36, 2.1.x < 2.1.0p28, 2.2.x < 2.2.0b8 Command Injection Vulnerability

Checkmk is prone to a command injection vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:checkmk:checkmk"; if...

SUSE CVE-2002-0392

Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size...

SUSE CVE-2010-3174

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.14, Thunderbird before 3.0.9, and SeaMonkey before 2.0.9 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors...

SUSE CVE-2016-9373

In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DCERPC dissector could crash with a use-after-free, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dcerpc-nt.c and epan/dissectors/packet-dcerpc-spoolss.c by using the wmem file scope for private...

SUSE CVE-2018-8088

org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted data. EventData in the slf4j-ext module in QOS.CH SLF4J, has been fixed in SLF4J versions 1.7.26 later and in the 2.0.x series...

SUSE CVE-2018-11760

When using PySpark , it's possible for a different local user to connect to the Spark application and impersonate the user running the Spark application. This affects versions 1.x, 2.0.x, 2.1.x, 2.2.0 to 2.2.2, and 2.3.0 to 2.3.1...