EUVD-2018-14283

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2016-9449

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The taxonomy module in Drupal 7.x before 7.52 and 8.x before 8.2.3 might allow remote authenticated users to obtain sensitive information about taxonomy terms b...

Debian DLA-2637-1 : drupal7 security update

The Drupal project identified a vulnerability in the sanitization performed in the filterxssarttributes function, potentially allowing a cross-site scripting, and granted it the Drupal Security Advisory ID SA-CORE-2021-002 : https://www.drupal.org/sa-core-2021-002 No CVE number has been announced...

CVE-2019-0319

The SAP Gateway, versions 7.5, 7.51, 7.52 and 7.53, allows an attacker to inject content which is displayed in the form of an error message. An attacker could thus mislead a user to believe this information is from the legitimate service when it's not...

Design/Logic Flaw

Under certain conditions SAP UI5 Handler allows an attacker to access information which would otherwise be restricted. Software components affected are: SAP Infrastructure 1.0, SAP UI 7.4, 7.5, 7.51, 7.52 and version 2.0 of SAP UI for SAP NetWeaver 7.00...

CVE-2018-2428

Under certain conditions SAP UI5 Handler allows an attacker to access information which would otherwise be restricted. Software components affected are: SAP Infrastructure 1.0, SAP UI 7.4, 7.5, 7.51, 7.52 and version 2.0 of SAP UI for SAP NetWeaver 7.00...

Code injection

Mitsubishi E-Designer, Version 7.52 Build 344 contains six code sections which may be exploited to overwrite the stack. This can result in arbitrary code execution, compromised data integrity, denial of service, and system crash...

CVE-2017-9636

Mitsubishi E-Designer, Version 7.52 Build 344 contains five code sections which may be exploited to overwrite the heap. This can result in arbitrary code execution, compromised data integrity, denial of service, and system crash...

Design/Logic Flaw

Mitsubishi E-Designer, Version 7.52 Build 344 contains five code sections which may be exploited to overwrite the heap. This can result in arbitrary code execution, compromised data integrity, denial of service, and system crash...

Code injection

Mitsubishi E-Designer, Version 7.52 Build 344 contains two code sections which may be exploited to allow an attacker to overwrite arbitrary memory locations. This can result in arbitrary code execution, compromised data integrity, denial of service, and system crash...

CVE-2017-9638

Mitsubishi E-Designer, Version 7.52 Build 344 contains six code sections which may be exploited to overwrite the stack. This can result in arbitrary code execution, compromised data integrity, denial of service, and system crash...

CVE-2017-9636

Mitsubishi E-Designer, Version 7.52 Build 344 contains five code sections which may be exploited to overwrite the heap. This can result in arbitrary code execution, compromised data integrity, denial of service, and system crash...

CVE-2017-9634

CVE-2017-9634 affects Mitsubishi Electric Europe B.V. E-Designer, Version 7.52 Build 344. The vulnerability is an out-of-bounds write/overflow in multiple code sections that can overwrite memory, enabling arbitrary code execution, data integrity compromise, DoS, and system crash. Public sources d...

CVE-2017-9638

Mitsubishi E-Designer, Version 7.52 Build 344 contains six code sections which may be exploited to overwrite the stack. This can result in arbitrary code execution, compromised data integrity, denial of service, and system crash...

CVE-2017-9634

Mitsubishi E-Designer, Version 7.52 Build 344 contains two code sections which may be exploited to allow an attacker to overwrite arbitrary memory locations. This can result in arbitrary code execution, compromised data integrity, denial of service, and system crash...

CVE-2017-9638

CVE-2017-9638 affects Mitsubishi Electric Europe B.V. E-Designer, version 7.52 Build 344. The vulnerability is a stack-based buffer overflow in six code sections that can lead to arbitrary code execution, data integrity compromise, denial of service, and system crash. Connected sources (ICS-CERT)...

CVE-2017-9636

CVE-2017-9636 affects Mitsubishi Electric Europe B.V. E-Designer (Version 7.52 Build 344). Connected advisories describe heap-based buffer overflow weaknesses in multiple code paths (five sections) that can overwrite the heap, enabling arbitrary code execution, data integrity compromise, DoS, and...

Input validation

ABAP File Interface in, SAP BASIS, from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file API...

CVE-2017-16679

URL redirection vulnerability in SAP's Startup Service, SAP KERNEL 32 NUC, SAP KERNEL 32 Unicode, SAP KERNEL 64 NUC, SAP KERNEL 64 Unicode 7.21, 7.21EXT, 7.22 and 7.22EXT; SAP KERNEL 7.21, 7.22, 7.45, 7.49 and 7.52, that allows an attacker to redirect users to a malicious site...

UBUNTU-CVE-2016-9451

Confirmation forms in Drupal 7.x before 7.52 make it easier for remote authenticated users to conduct open redirect attacks via unspecified vectors...