14 matches found
Astra Linux - vulnerability in php7.3
In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23, and 7.4.x below 7.4.11, when PHP processes incoming HTTP cookie values, the cookie names are url-decoded. This may result in cookies with prefixes like Host being confused with cookies that are decoded with such prefixes. As a consequence,...
CVE-2023-45173 IBM AIX denial of service
IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the NFS kernel extension to cause a denial of service. IBM X-Force ID: 267971...
PT-2023-8366 · Ibm · Aix +2
Name of the Vulnerable Software and Affected Versions: IBM AIX versions 7.2 through 7.3 VIOS version 3.1 Description: The issue is related to insufficient input validation in the AIX operating system, which could allow a non-privileged local user to exploit a vulnerability in AIX windows and caus...
IBM AIX command injection vulnerability
IBM AIX is an open standards-based UNIX operating system developed by International Business Machines (IBM) for the IBM Power architecture. IBM AIX versions 7.1, 7.2, 7.3, and VIOS version 3.1 contain a security vulnerability. Attackers can exploit the vulnerability to gain root privileges...
Liferay Portal cross-site scripting vulnerability
Liferay Portal is a J2EE-based portal solution from Liferay, Inc. The solution uses technologies such as EJB and JMS and can be used for Web publishing and shared workspaces, enterprise collaboration platforms, social networks and more. A security vulnerability exists in Liferay Portal...
PT-2019-16968 · Ibm · Ibm Qradar Siem
Name of the Vulnerable Software and Affected Versions: IBM QRadar SIEM versions 7.2 through 7.3 Description: The issue allows an attacker to execute malicious and unauthorized actions by exploiting cross-site request forgery. This could be done by transmitting actions from a user that the website...
PT-2019-10033 · Ibm · Ibm Qradar Siem
Name of the Vulnerable Software and Affected Versions: IBM QRadar SIEM versions 7.2 through 7.3 Description: The issue allows a security-critical resource to be read or modified by unintended actors due to improper permission specifications. Recommendations: For IBM QRadar SIEM versions 7.2 throu...
Cross site scripting
IBM I 7.2 and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 156164...
Security Bulletin: OpenSource GNU Glibc as used in IBM QRadar SIEM is vulnerable to multiple vulnerabilities. (CVE-2014-9761, CVE-2015-8776, CVE-2015-8778, CVE-2015-8779)
Summary OpenSource GNU glibc Vulnerabilities Vulnerability Details CVEID: CVE-2014-9761 DESCRIPTION: GNU C Library glibc is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the nan function. By sending an overly long string, a remote attacker could overflow a...
CVE-2018-5487
NetApp OnCommand Unified Manager for Linux versions 7.2 through 7.3 ship with the Java Management Extension Remote Method Invocation (JMX RMI) service bound to the network, and are susceptible to unauthenticated remote code execution...
CVE-2017-1722
IBM QRadar SIEM is vulnerable to SQL injection (CVE-2017-1722) due to an insecure method generating SQL queries. Affected products include QRadar SIEM 7.3.0 (7.3.0 Patch 7) and 7.2.x releases (7.2.0 to 7.2.8 Patch 11). The underlying issue allows a remote attacker to send specially crafted SQL st...
CVE-2018-5486
NetApp OnCommand Unified Manager for Linux versions 7.2 through 7.3 ship with the Java Debug Wire Protocol (JDWP) enabled, which allows unauthorized local attackers to execute arbitrary code...
PT-2018-1080 · Vmware · Vsphere Integrated Containers +2
Name of the Vulnerable Software and Affected Versions: VMware vRealize Automation versions 7.2 through 7.3 vSphere Integrated Containers versions 1.x before 1.3 Description: The issue is caused by a deserialization vulnerability via Xenon, which may allow remote attackers to execute arbitrary cod...
Apple QuickTime 7.2/7.3 RTSP Response Remote SEH Overwrite PoC
No description provided by source. #!/usr/bin/python Apple QuickTime 7.3 RTSP Response 0day Remote SEH Overwrite PoC Exploit Bug discovered by Krystian Kloskowski h07 Tested on: Apple QuickTime Player 7.3 / XP SP2 Polish Details:.. RTSP Content-Type: A 995 + B 4096\r\n...