12 matches found
CVE-2026-4891 affecting package dnsmasq for versions less than 2.92-1
CVE-2026-4891 affecting package dnsmasq for versions less than 2.92-1. A patched version of the package is available...
EUVD-2000-0894
Malware in sbrugna...
CVE-2022-4882
A vulnerability was found in kaltura mwEmbed up to 2.91. It has been rated as problematic. Affected by this issue is some unknown functionality of the file modules/KalturaSupport/components/share/share.js of the component Share Plugin. The manipulation of the argument res leads to cross site...
CVE-2022-4882 kaltura mwEmbed Share Plugin share.js cross site scripting
A vulnerability was found in kaltura mwEmbed up to 2.91. It has been rated as problematic. Affected by this issue is some unknown functionality of the file modules/KalturaSupport/components/share/share.js of the component Share Plugin. The manipulation of the argument res leads to cross site...
WordPress Accesspress Lite theme <= 2.92 - Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
Authenticated Arbitrary Plugin Activation/Deactivation vulnerability discovered by Ex.Mi Patchstack in WordPress Accesspress Lite theme versions = 2.92. Solution Deactivate and delete. The vendor ignores the vulnerability reports, avoids any conversation...
CVE-2018-5702
Transmission through 2.92 relies on X-Transmission-Session-Id which is not a forbidden header for Fetch for access control, which allows remote attackers to execute arbitrary RPC commands, and consequently write to arbitrary files, via POST requests to /transmission/rpc in conjunction with a DNS...
DEBIAN-CVE-2018-5702
Transmission through 2.92 relies on X-Transmission-Session-Id which is not a forbidden header for Fetch for access control, which allows remote attackers to execute arbitrary RPC commands, and consequently write to arbitrary files, via POST requests to /transmission/rpc in conjunction with a DNS...
CVE-2018-5702
Transmission 2.92 and earlier versions rely on X-Transmission-Session-Id for access control, which is not a forbidden header for Fetch. This allows remote attackers to execute arbitrary RPC commands and write arbitrary files via POST to /transmission/rpc when combined with a DNS rebinding attack....
CVE-2018-5702
Transmission through 2.92 relies on X-Transmission-Session-Id which is not a forbidden header for Fetch for access control, which allows remote attackers to execute arbitrary RPC commands, and consequently write to arbitrary files, via POST requests to /transmission/rpc in conjunction with a DNS...
CVE-2018-5702
Transmission through 2.92 relies on X-Transmission-Session-Id which is not a forbidden header for Fetch for access control, which allows remote attackers to execute arbitrary RPC commands, and consequently write to arbitrary files, via POST requests to /transmission/rpc in conjunction with a DNS...
CVE-2018-5702
Transmission through 2.92 relies on X-Transmission-Session-Id which is not a forbidden header for Fetch for access control, which allows remote attackers to execute arbitrary RPC commands, and consequently write to arbitrary files, via POST requests to /transmission/rpc in conjunction with a DNS...
CVE-2000-0907
CVE-2000-0907 affects EServ 2.92 Build 2982. Remote attackers can exploit long HELO and MAIL FROM commands to cause a denial of service and possibly execute arbitrary commands. The CVSS v2 base score is 7.5 (HIGH), with network access and low attack complexity. The description explicitly states t...