92 matches found
CVE-2022-4359
The CVE-2022-4359 entry concerns the WP RSS By Publishers WordPress plugin (version 0.1 and earlier). A SQL injection exists because a parameter is not properly sanitized/escaped before use in a SQL statement, enabling an attacker with high privileges (e.g., admin) to exploit it. Evidence across ...
CVE-2022-4359 WP RSS By Publishers <= 0.1 - Admin+ SQLi
The WP RSS By Publishers WordPress plugin through 0.1 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...
Mageia: Security Advisory (MGASA-2013-0295)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-4359-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : APT vulnerability (USN-4359-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4359-1 advisory. It was discovered that APT incorrectly handled certain filenames during package installation. If an attacker could provide a specially...
CVE-2018-4359
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7...
CVE-2018-4359
CVE-2018-4359 affects WebKit components used by Safari on iOS/macOS (and related iOS 12/Safari 12). The issue was described as multiple memory corruption issues that were addressed with improved memory handling, with affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 fo...
openSUSE Security Update : webkit2gtk3 (openSUSE-2019-68)
This update for webkit2gtk3 to version 2.22.4 fixes the following issues : Security issues fixed : CVE-2018-4191, CVE-2018-4197, CVE-2018-4299, CVE-2018-4306, CVE-2018-4309, CVE-2018-4392, CVE-2018-4312, CVE-2018-4314, CVE-2018-4315, CVE-2018-4316, CVE-2018-4317, CVE-2018-4318, CVE-2018-4319,...
SUSE SLED12 / SLES12 Security Update : webkit2gtk3 (SUSE-SU-2019:0059-1)
This update for webkit2gtk3 to version 2.22.4 fixes the following issues : Security issues fixed : CVE-2018-4191, CVE-2018-4197, CVE-2018-4299, CVE-2018-4306, CVE-2018-4309, CVE-2018-4392, CVE-2018-4312, CVE-2018-4314, CVE-2018-4315, CVE-2018-4316, CVE-2018-4317, CVE-2018-4318, CVE-2018-4319,...
GLSA-201812-04 : WebkitGTK+: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201812-04 WebkitGTK+: Multiple vulnerabilities Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the referenced CVE identifiers for details. Impact : A remote attacker could execute arbitrary commands or...
UBUNTU-CVE-2018-4359
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7...
EUVD-2022-4359
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8359,...
CVE-2017-4359
...
CVE-2017-4359
CVE-2017-4359 is rejected/not used per the Initial Description.
CVE-2014-4359
CVE-2014-4359 is rejected/not used; this entry does not represent an active vulnerability.
CVE-2016-4359
Stack-based buffer overflow in mchan.dll in the agent in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through...
CVE-2016-4359
CVE-2016-4359 involves a stack-based buffer overflow in mchan.dll of HPE LoadRunner/Performance Center. The flaw occurs when constructing a shared memory/file name or processing a long -server_name value, allowing an unauthenticated attacker to remotely execute arbitrary code. Affected products i...
CVE-2015-4359
The vulnerability CVE-2015-4359 affects the Drupal Registration codes module. Affected are 6.x-1.x prior to 6.x-1.6, 6.x-2.x prior to 6.x-2.8, and 7.x-1.x prior to 7.x-1.2. The issue is cross-site scripting (XSS) where remote authenticated users with permission to create or edit taxonomy terms or...
Security fix for the ALT Linux 8 package proftpd version 1.3.5-alt1.gita31d0ab
May 20, 2015 Konstantin Lepikhov 1.3.5-alt1.gita31d0ab - Updated to 1.3.5-a31d0ab GIT fixing following CVEs: + CVE-2013-4359. - Include the fix for Bug 4169 Unauthenticated copying of files via SITE CPFR/CPTO allowed by modcopy. - Configuration changes: + enabled pcre support; + enabled memcache...
SA-CONTRIB-2015-065 - Registration codes - Multiple vulnerabilities
Registration codes module allows new account registrations only for users who provide a valid registration code. The module was not properly sanitizing user supplied text in some pages, thereby exposing XSS vulnerabilities. Additionally, some URLs were not protected against CSRF, a malicious user...