25 matches found
Zoom Rooms < 6.6.5 Improper Input Validation (ZSB-26003)
The version of Zoom Rooms installed on the remote host is prior to 6.6.5. It is, therefore, affected by a vulnerability as referenced in the ZSB-26003 advisory. - Improper Input Validation in Zoom Rooms for Windows before 6.6.5 in Kiosk Mode may allow an authenticated user to conduct an escalatio...
PT-2026-24684
Name of the Vulnerable Software and Affected Versions: Zoom Rooms for Windows versions prior to 6.6.5. Description: An improper input validation issue exists in Zoom Rooms for Windows in Kiosk Mode. A user with existing authentication can potentially escalate privileges through local access...
EUVD-2008-4404
Malware in sbrugna...
EUVD-2008-3902
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2023-50431
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - sec_attest_info in drivers/accel/habanalabs/common/habanalabs_ioctl.c in the Linux kernel through 6.6.5 allows an information leak to user space because info->pad0 ...
CVE-2024-22641
TCPDF version 6.6.5 and before is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted SVG file...
CVE-2024-22640
TCPDF version <=6.6.5 is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted HTML page with a crafted color...
CVE-2022-32561
An issue was discovered in Couchbase Server before 6.6.5 and 7.x before 7.0.4. Previous mitigations for CVE-2018-15728 were found to be insufficient when it was discovered that diagnostic endpoints could still be accessed from the network...
Apache Solr 6.0.0 < 6.6.5 Remote Code Execution
In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows to configure the JMX server via an HTTP POST request. By pointing it to a malicious RMI server, an attacker may take advantage of Solr's unsafe deserialization to trigger remote code execution on the Solr side. Note that t...
HPE Aruba ClearPass Policy Manager Remote Code Execution Vulnerability
HPE Aruba ClearPass Policy Manager is a network access control solution from Hewlett Packard Enterprise (HPE). A remote code execution vulnerability exists in HPE Aruba ClearPass Policy Manager versions prior to 6.6.5. A remote attacker could exploit the vulnerability to execute code...
CVE-2015-2805
Cross-site request forgery (CSRF) vulnerability in sec/content/sec_asa_users_local_db_add.html in the management web interface in Alcatel-Lucent OmniSwitch 6450, 6250, 6850E, 9000E, 6400, 6855, 6900, 10K, and 6860 with firmware 6.4.5.R02, 6.4.6.R01, 6.6.4.R01, 6.6.5.R02, 7.3.2.R01, 7.3.3.R01, 7.3.4.R01,...
CVE-2015-2805
The CVE-2015-2805 issue affects Alcatel-Lucent OmniSwitch models (6450, 6250, 6850E, 9000E, 6400, 6855, 6900, 10K, 6860) across multiple AOS firmware versions (6.4.5.R02, 6.4.6.R01, 6.6.4.R01, 6.6.5.R02, 7.3.2.R01, 7.3.3.R01, 7.3.4.R01, 8.1.1.R01). The vulnerability is a Cross-site request forger...
Ovidentia 6.6.5 'index.php' Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/30735/info Ovidentia is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser...
SQL injection
SQL injection vulnerability in index.php in Ovidentia 6.6.5 allows remote attackers to execute arbitrary SQL commands via the item parameter in a contact modify action...
CVE-2008-4423
CVE-2008-4423 describes an SQL injection in Ovidentia 6.6.5. The vulnerability is triggered via the item parameter in a contact modify action within index.php, allowing remote attackers to execute arbitrary SQL commands. The connected documents consistently identify this as a SQL injection affect...
SQL injection
SQL injection vulnerability in index.php in Ovidentia 6.6.5 allows remote attackers to execute arbitrary SQL commands via the field parameter in a search action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2008-3918
SQL injection vulnerability in index.php in Ovidentia 6.6.5 allows remote attackers to execute arbitrary SQL commands via the field parameter in a search action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2008-3918
CVE-2008-3918 affects Ovidentia 6.6.5. The vulnerability is a SQL injection in index.php triggered by the field parameter in a search action, allowing remote attackers to execute arbitrary SQL commands. NVD data indicates network attack vector, low attack complexity, no authentication, and partia...
CVE-2008-3917
The CVE-2008-3917 entry describes a Cross-site Scripting (XSS) vulnerability in the index.php file of Ovidentia 6.6.5. The issue arises when an attacker supplies a malicious value in the field parameter during a search action, enabling injection of arbitrary web script or HTML. The affected compo...