11 matches found
AZL-79449 CVE-2026-3381 affecting package syslinux 6.04-10
Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings from the 7ASecurity audit of zlib. This includes fixes for...
AZL-79481 CVE-2026-3381 affecting package syslinux 6.04-11
Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings from the 7ASecurity audit of zlib. This includes fixes for...
CVE-2019-0280
CVE-2019-0280 affects SAP Treasury and Risk Management (EA-FINSERV 6.0, 6.03–6.06, 6.16–6.18, and 8.0; S4CORE 1.01–1.03). The issue is missing authorization checks on objects T_DEAL_DP and T_DEAL_PD, leading to escalation of privileges. The vulnerability is documented with HIGH impact per CVSSv3 ...
CVE-2014-2965
Cross-site scripting (XSS) vulnerability in auth-settings-x.php in SpamTitan before 6.04 allows remote attackers to inject arbitrary web script or HTML via the sortdir parameter...
SpamTitan contains a reflected cross-site scripting (XSS) vulnerability
Overview: SpamTitan contains a reflected cross-site scripting (XSS) vulnerability. Description: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). SpamTitan contains a reflected cross-site scripting vulnerability in the auth-settings-x.php page of the management...
CVE-2008-6043
CVE-2008-6043 describes multiple SQL injection vulnerabilities in PHP Pro Bid (PPB) 6.04. Remote attackers can execute arbitrary SQL commands via the order_field and order_type parameters to categories.php (and unspecified other components). The entry notes the details are partially from third-p...
CVE-2007-2254
CVE-2007-2254 affects PHP Classifieds 6.04 (admin/setup/level2.php). The vulnerability is a PHP remote file inclusion that allows an attacker to execute arbitrary PHP code via a URL supplied to the dir parameter, indicating a remote code execution path. Root cause is improper handling of the dir ...
OpenCMS 6.06.2 - Multiple Unauthorized Access Vulnerabilities
source: https://www.securityfocus.com/bid/19174/info OpenCMS is prone to multiple unauthorized-access vulnerabilities because it fails to properly authenticate users when performing administrative tasks. An attacker can exploit these...
GeoVision Digital Surveillance System 6.0 46.1 - Unauthorized .JPEG Image Access
source: https://www.securityfocus.com/bid/13571/info GeoVision Digital Surveillance System is prone to a vulnerability that allows remote unauthorized attackers to view JPEG images stored on a server. This issue...
GeoVision Digital Surveillance System 6.0 4/6.1 - Unauthorized '.JPEG' Image Access
source: https://www.securityfocus.com/bid/13571/info GeoVision Digital Surveillance System is prone to a vulnerability that allows remote unauthorized attackers to view JPEG images stored on a server. This issue results from an access validation error. GeoVision Digital Surveillance System versio...
Opera 6.0.x - FTP View Cross-Site Scripting
source: https://www.securityfocus.com/bid/5401/info A cross-site scripting vulnerability in Opera has been reported. When viewing the contents of an FTP site as web content, the data within tags is not sanitized. An attacker may embed JavaScript between open and closing tags in an FTP URL. This...