23 matches found
Malicious code in catalyst_lib (npm)
Source: ossf-package-analysis (1ee883362bf9a21011ce24488ebc14e49484e96df4f64359e2b863ea0cd21a79) The OpenSSF Package Analysis project identified 'catalyst_lib' @ 9.7.2 (npm) as malicious. It is considered malicious because: - The package execut...
CVE-2020-13804
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows information disclosure of a hardcoded username and password in the DocuSign plugin...
WordPress AcyMailing SMTP Newsletter Plugin <= 9.7.2 is vulnerable to Arbitrary File Upload
Software: AcyMailing SMTP Newsletter; Type: Plugin; Vulnerable versions: <= 9.7.2; Fixed in: 9.8.0; OWASP Top 10: A1: Injection; Classification: Arbitrary File Upload; CVE: CVE-2024-7384; Patch priority: High; CVSS severity: High (8.5); PSID: 51ad1438d775; Credits: Arkadiusz Hydzik; Required...
IBM Engineering Requirements Management DOORS 9.7.2.x < 9.7.2.8 Multiple Vulnerabilities (7124058)
The version of IBM Engineering Requirements Management DOORS (formerly IBM Rational DOORS) installed on the remote host is 9.7.2.x prior to 9.7.2.8. It is, therefore, affected by multiple vulnerabilities as referenced in the 7124058 advisory. - Apache Shiro before 1.9.1, A RegexRequestMatcher can b...
Popular Netop Remote Learning Software Found Vulnerable to Hacking
Cybersecurity researchers on Sunday disclosed multiple critical vulnerabilities in remote student monitoring software Netop Vision Pro that a malicious attacker could abuse to execute arbitrary code and take over Windows computers. "These findings allow for elevation of privileges and ultimately...
Foxit Reader and PhantomPDF Resource Management Error Vulnerability (CNVD-2020-32085)
Foxit Reader and Foxit PhantomPDF are both PDF document readers from the Chinese company Foxit. A resource management error vulnerability exists in Foxit Reader versions prior to 9.7.2 and PhantomPDF versions prior to 9.7.2. An attacker can exploit this vulnerability to cause a denial of service...
Unspecified Vulnerability in Foxit Reader and PhantomPDF
Foxit Reader and Foxit PhantomPDF are both PDF document readers from the Chinese company Foxit. A security vulnerability exists in Foxit Reader prior to version 9.7.2 and PhantomPDF prior to version 9.7.2, which is caused by the program not handling circular references correctly. An attacker can...
Foxit Reader and PhantomPDF DocuSign Plugin Trust Management Issues Vulnerability
Foxit Reader and Foxit PhantomPDF are both PDF document readers from the Chinese company Foxit. A trust management issue exists in the DocuSign plug-in in Foxit Reader versions prior to 9.7.2 and PhantomPDF versions prior to 9.7.2. An attacker can exploit this vulnerability to obtain hard-coded...
CVE-2020-13804
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows information disclosure of a hardcoded username and password in the DocuSign plugin...
Design/Logic Flaw
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows resource consumption via crafted cross-reference stream data...
Foxit PhantomPDF < 9.7.2 Multiple Vulnerabilities
According to its version, the Foxit PhantomPDF application (formerly known as Phantom) installed on the remote Windows host is prior to 9.7.2. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for this issue but has instead relied only on the application's...
Code injection
ISC BIND 9.7.1 through 9.7.2-P3, when configured as an authoritative server, allows remote attackers to cause a denial of service (deadlock and daemon hang) by sending a query at the time of (1) an IXFR transfer or (2) a DDNS update...
CVE-2011-0414
ISC BIND 9.7.1 through 9.7.2-P3, when configured as an authoritative server, allows remote attackers to cause a denial of service (deadlock and daemon hang) by sending a query at the time of (1) an IXFR transfer or (2) a DDNS update...
CVE-2011-0414
ISC BIND 9.7.1 through 9.7.2-P3, when configured as an authoritative server, allows remote attackers to cause a denial of service (deadlock and daemon hang) by sending a query at the time of (1) an IXFR transfer or (2) a DDNS update...
Internet System Consortium Releases BIND Advisory
The Internet System Consortium has released an advisory to address a vulnerability affecting BIND versions 9.7.1 through 9.7.2-P3. This vulnerability may allow an attacker to cause a denial-of-service condition. US-CERT encourages users and administrators using the affected versions of BIND to...
ISC BIND IXFR Transfer/DDNS Update Remote Denial of Service Vulnerability
ISC BIND is prone to a remote denial-of-service vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind";...
CVE-2011-0414
ISC BIND 9.7.1 through 9.7.2-P3, when configured as an authoritative server, allows remote attackers to cause a denial of service (deadlock and daemon hang) by sending a query at the time of (1) an IXFR transfer or (2) a DDNS update...
Fedora 14 : bind-9.7.2-4.P3.fc14 (2010-18469)
Update to 9.7.2-P3 release which contains various security fixes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
CVE-2010-3615
named in ISC BIND 9.7.2-P2 does not check all intended locations for allow-query ACLs, which might allow remote attackers to make successful requests for private DNS records via the standard DNS query mechanism...
ISC BIND 'allow-query' Zone ACL Security Bypass Vulnerability
ISC BIND is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; if(description)...