15 matches found
EUVD-2016-9726
Malware in sbrugna...
Files or Directories Accessible to External Parties
Overview Affected versions of this package are vulnerable to Files or Directories Accessible to External Parties via the src tag. An attacker can read arbitrary files from the server's file system. Remediation Upgrade tecnickcom/tcpdf to version 6.7.6 or higher. References - GitHub Commit Credit:...
[SECURITY] Fedora 38 Update: kernel-6.7.6-100.fc38
The kernel meta package...
CVE-2023-45585
An insertion of sensitive information into log file vulnerability CWE-532 in FortiSIEM version 7.0.0, version 6.7.6 and below, version 6.6.3 and below, version 6.5.1 and below, version 6.4.2 and below, version 6.3.3 and below, version 6.2.1 and below, version 6.1.2 and below, version 5.4.0, versi...
CVE-2023-45585
An insertion of sensitive information into log file vulnerability CWE-532 in FortiSIEM version 7.0.0, version 6.7.6 and below, version 6.6.3 and below, version 6.5.1 and below, version 6.4.2 and below, version 6.3.3 and below, version 6.2.1 and below, version 6.1.2 and below, version 5.4.0, versi...
SUSE CVE-2012-1610
Integer overflow in the GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-4 allows remote attackers to cause a denial of service out-of-bounds read via a large component count for certain EXIF tags in a JPEG image. NOTE: this vulnerability exists because of an incomplete f...
Design/Logic Flaw
b2evolution 6.7.6 suffer from an Object Injection vulnerability in /htsrv/callplugin.php...
CVE-2016-8901
b2evolution 6.7.6 suffer from an Object Injection vulnerability in /htsrv/callplugin.php...
CVE-2016-8901
CVE-2016-8901 affects b2evolution 6.7.6 with an Object Injection vulnerability in /htsrv/call_plugin.php. CVSS3 base score 9.8 (CRITICAL) indicates high-impact, network-exposed, no authentication, and potential for full system compromise; however exploitation details are not provided in the conne...
CVE-2018-7065
An authenticated SQL injection vulnerability in Aruba ClearPass Policy Manager can lead to privilege escalation. All versions of ClearPass are affected by multiple authenticated SQL injection vulnerabilities. In each case, an authenticated administrative user of any type could exploit this...
CVE-2018-7065
An authenticated SQL injection vulnerability in Aruba ClearPass Policy Manager can lead to privilege escalation. All versions of ClearPass are affected by multiple authenticated SQL injection vulnerabilities. In each case, an authenticated administrative user of any type could exploit this...
CVE-2018-7067
A Remote Authentication bypass in Aruba ClearPass Policy Manager leads to complete cluster compromise. An authentication flaw in all versions of ClearPass could allow an attacker to compromise the entire cluster through a specially crafted API call. Network access to the administrative web...
CVE-2018-7065
An authenticated SQL injection vulnerability in Aruba ClearPass Policy Manager can lead to privilege escalation. All versions of ClearPass are affected by multiple authenticated SQL injection vulnerabilities. In each case, an authenticated administrative user of any type could exploit this...
ImageMagick Multiple Denial of Service Vulnerabilities - 01 June13 (Windows)
The host is installed with ImageMagick and is prone to multiple denial of service Vulnerabilities. OpenVAS Vulnerability Test $Id: gbimagemagickmultdosvuln01jun13win.nasl 8173 2017-12-19 11:45:56Z cfischer $ ImageMagick Multiple Denial of Service Vulnerabilities - 01 June13 Windows Authors: Thang...
ImageMagick Integer Overflow Vulnerability - 02 June13 (Windows)
The host is installed with ImageMagick and is prone to integer overflow Vulnerability. OpenVAS Vulnerability Test $Id: gbimagemagickintegeroverflowvuln02jun13win.nasl 8173 2017-12-19 11:45:56Z cfischer $ ImageMagick Integer Overflow Vulnerability - 02 June13 Windows Authors: Thanga Prakash S...