93 matches found
CVE-2022-3012
CVE-2022-3012 concerns the oretnom23 Fast Food Ordering System. Multiple connected sources confirm a vulnerability in the ffos/admin/reports/index.php component where manipulating the date parameter enables SQL injection. The flaw is exploitable remotely and has been publicly disclosed. Documents...
SUSE: Security Advisory (SUSE-SU-2013:1264-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2013:1256-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2013:1255-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2013:1305-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2013:1293-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2013:1263-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2013:1255-3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2013:1257-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2013:1263-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-3012
The CVE-2021-3012 entry concerns a cross-site scripting (XSS) vulnerability in Esri ArcGIS Enterprise/Server prior to version 10.9. The flaw arises in the Document Link of documents, where remote authenticated users can inject arbitrary JavaScript by exploiting a malicious HTML attribute (e.g., o...
CVE-2019-3012
CVE-2019-3012 affects Oracle BI Publisher/BI Platform Security within Oracle Fusion Middleware’s Oracle Business Intelligence Enterprise Edition. Affected versions are 11.1.1.9.0, 12.2.1.3.0, and 12.2.1.4.0. The vulnerability allows an unauthenticated, network-accessing attacker over HTTP to read...
CVE-2018-3012
The CVE-2018-3012 entry concerns Oracle E-Business Suite’s Trade Management UI vulnerability affecting versions 12.1.1–12.2.7. The connected records indicate a vulnerability in the Oracle Trade Management component of E-Business Suite (UI subcomponent) that could be exploited by an unauthenticate...
Security Bulletin: IBM API Connect server credentials used for a specific restricted scenario may have been exposed (CVE-2016-3012)
Summary IBM API Connect server credentials used for a specific restricted scenario that is internal and do not involve authentication may have been exposed and packaged in the toolkit. Vulnerability Details CVEID: CVE-2016-3012 DESCRIPTION: IBM API Connect server credentials used for an internal...
CVE-2017-3012
CVE-2017-3012 is part of Adobe Acrobat/Reader vulnerabilities disclosed under APSB17-11 and related entries. The Initial Description specifies an insecure library loading issue (DLL hijacking) in the OCR plugin affecting Acrobat Reader versions 11.x, 15.x sequences (older builds such as 11.0.19 a...
CVE-2016-3012
IBM API Connect (APIConnect) before 5.0.3.0 with NPM before 2.2.8 includes internal server credentials in the toolkit, which could allow remote attackers to bypass access restrictions by using those credentials. Affected products include IBM API Connect with the specified pre‑fix versions. The vu...
Ubuntu 14.04 LTS / 16.04 LTS : Wget vulnerability (USN-3012-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3012-1 advisory. Dawid Golunski discovered that Wget incorrectly handled filenames when being redirected from an HTTP to an FTP URL. A malicious server could possibly...
Ubuntu: Security Advisory (USN-3012-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FreeBSD : ntp -- multiple vulnerabilities (b2487d9a-0c30-11e6-acd0-d050996490d0)
Network Time Foundation reports : NTF's NTP Project has been notified of the following low- and medium-severity vulnerabilities that are fixed in ntp-4.2.8p7, released on Tuesday, 26 April 2016 : - Bug 3020 / CVE-2016-1551: Refclock impersonation vulnerability, AKA: refclock-peering. Reported by...
ntp -- multiple vulnerabilities
Network Time Foundation reports: NTF's NTP Project has been notified of the following low- and medium-severity vulnerabilities that are fixed in ntp-4.2.8p7, released on Tuesday, 26 April 2016: Bug 3020 / CVE-2016-1551: Refclock impersonation vulnerability, AKA: refclock-peering. Reported by Matt...