107 matches found
Debian: Security Advisory (DLA-0015-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2022-4656 WP Visitor Statistics (Real Time Traffic) < 6.5 - Contributor+ Stored XSS via Shortcode
The WP Visitor Statistics Real Time Traffic WordPress plugin before 6.5 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...
CVE-2022-4656
The CVE-2022-4656 vulnerability affects the WordPress plugin WP Visitor Statistics (Real Time Traffic) prior to version 6.5. It arises because a shortcode attribute is not properly validated/escaped, enabling Stored XSS when a user with as low as Contributor privileges views the shortcode output....
WordPress WP Visitor Statistics (Real Time Traffic) Plugin < 6.5 is vulnerable to Cross Site Scripting (XSS)
Software WP Visitor Statistics Real Time Traffic Type Plugin Vulnerable versions 6.5 Fixed in 6.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4656 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID e65b6ec1fb3c Credits...
Ubuntu: Security Advisory (USN-4656-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2014:0912-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM MQ and IBM MQ Appliance is vulnerable to a denial of service attack caused by an authenticated user crafting a malicious message (CVE-2019-4656)
Summary IBM MQ and IBM MQ Appliance are vulnerable to a denial of service attack that would allow an authenticated user to craft a malicious message causing a queue manager to incorrectly mark a queue as damaged, requiring a restart to continue processing against the queue. Vulnerability Details...
Debian DSA-4656-1 : thunderbird - security update
Multiple security issues have been found in Thunderbird which could result in denial of service or potentially the execution of arbitrary code. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4656. The text...
CVE-2013-4656
The CVE-2013-4656 entry describes a symlink traversal vulnerability in the SMB service caused by misconfiguration on affected devices. The affected products are ASUS RT-AC66U and RT-N56U ; the underlying issue is misconfigured SMB leading to a path traversal vulnerability. Reported impact is seve...
WebKit not_number defineProperties Use-After-Free Exploit
Exploit for multiple platform in category dos / poc This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WebKit notnumber defineProperties UAF', 'Description' = %q This module exploits a UAF...
CVE-2017-4656
CVE-2017-4656 entry is rejected/not used per the Initial Description.
CVE-2017-4656
...
DJ Studio Pro PLS File Stack Buffer Overflow (CVE-2009-4656)
A stack buffer overflow vulnerability exists in DJ Studio Pro. The vulnerability is due to insufficient bounds checking on a PLS file. A successful exploitation could lead to arbitrary code execution in the security context of the target user...
Mac OS X Multiple Vulnerabilities (Security Updates 2016-001 / 2016-005)
The remote host is running a version of Mac OS X 10.10.5 or 10.11.6 that is missing a security update. It is therefore, affected by multiple vulnerabilities in the Kernel component : - An unspecified flaw exists due to improper validation of user-supplied input. An attacker can exploit this, by...
About the security content of Security Update 2016-001 El Capitan and Security Update 2016-005 Yosemite
About the security content of Security Update 2016-001 El Capitan and Security Update 2016-005 Yosemite This document describes the security content of Security Update 2016-001 El Capitan and Security Update 2016-005 Yosemite. About Apple security updates For our customers' protection, Apple...
Apple iOS < 9.3.5 Multiple Vulnerabilities (Trident)
Binary data appleios935check.nbin...
iOS 9.3.5 emergency release behind the truth:NSO using the iPhone 0day without clicking on a remote compromised iPhone(8 on 2 6 May 1 3:4 1 Update-bug warning-the black bar safety net
! According to the Washington Post reported, many people think that their iPhone is absolutely safe, but the latest research shows that Apple's mobileoperating systemin iOS over the years always the presence of three previously unknown“zero-day exploit”, in fact Apple users are always in danger...
CVE-2016-4656
CVE-2016-4656 is an Apple iOS kernel memory‑corruption vulnerability that can allow an attacker to execute arbitrary code with kernel privileges or cause a DoS via a crafted app. Affected are iOS versions prior to 9.3.5; Apple’s security content notes the kernel memory corruption issue was addres...
CVE-2016-4656
creationtimestamp| type| source ---|---|--- 2016-08-25 20:59:54+00:00| seen| MISP/57bf5c07-6b40-428e-8f68-4a9a02de0b81 2016-08-26 09:58:41+00:00| seen| MISP/57c0123c-d100-43a8-b874-54a8bce2ab96 2018-06-04 23:30:25+00:00| seen|...
Oracle: Security Advisory (ELSA-2011-0421)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...