77 matches found
CVE-2017-10781
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll77df0000!LdrpFindLoadedDllByName+0x00000000000000a5."...
Citrix Provisioning Services Information Disclosure Vulnerability
Citrix Provisioning Services enables the creation of a set of images that use streaming technology to transport physical and virtual servers, reducing storage requirements and enabling fast, consistent and reliable application deployment. An information disclosure vulnerability exists in Citrix...
CVE-2016-7175
epan/dissectors/packet-qnet6.c in the QNX6 QNET dissector in Wireshark 2.x before 2.0.6 mishandles MAC address data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet...
UBUNTU-CVE-2016-7175
epan/dissectors/packet-qnet6.c in the QNX6 QNET dissector in Wireshark 2.x before 2.0.6 mishandles MAC address data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet...
Vulnerability in Adobe AIR software that allows a malicious actor to compromise the confidentiality, integrity, and availability of protected information
A vulnerability exists in Adobe AIR due to the possibility of accessing information related to memory addresses. Exploiting this vulnerability allows an attacker to bypass the ASLR (Address Space Layout Randomization) protection mechanism...
The vulnerability of the Firefox browser allows a hacker to bypass existing access restrictions and alter the location.host property.
The vulnerability of Firefox browsers is related to access control deficiencies. Exploiting this vulnerability allows a malicious actor to bypass existing access restrictions and alter the location.host property using unreliable URL data...
Unauthorized Firmware Retrieval Vulnerability in Cisco Universal Small Cell Devices
The Cisco Universal Small Cell Solution is an end-to-end architecture that integrates 3G, LTE, carrier-grade Wi-Fi and SON technologies to enable secure and effective heterogeneous networks. A security vulnerability exists in the flash memory of Cisco Universal Small Cell devices firmware...
WordPress Plugin TheCartPress Has Multiple Cross-Site Scripting Vulnerabilities
WordPress is a blogging platform from the WordPress Software Foundation, developed in PHP, which supports running personal blog sites on servers with PHP and MySQL. Multiple cross-site scripting vulnerabilities exist in the WordPress plugin TheCartPress. (1) Because many user-supplied HTTP...
X-Cart Privilege Access Vulnerability
X-Cart is an open source PHP e-commerce software. The software provides favorites, order records and inventory management modules. A security vulnerability exists in X-Cart 5.1.10 and earlier versions. A remote attacker can exploit this vulnerability by sending a modified update or delete reque...
CVE-2015-0951
X-Cart before 5.1.11 allows remote authenticated users to read or delete address data of arbitrary accounts via a modified (1) update or (2) remove request...
Cross site request forgery (csrf)
X-Cart before 5.1.11 allows remote authenticated users to read or delete address data of arbitrary accounts via a modified (1) update or (2) remove request...
Thousand Bo enterprise website management system v2010 Build 0716 vulnerability analysis
Release time: 2010-07-16. Affected version: Thousand Bo enterprise website management system v2010 Build 0716. Vulnerability description: search-type injection vulnerability. Default background address: http://127.1/system/AdminLogin.Asp. Publishing author: m4r10 reproduced please indicate the...
CVE-2008-0807
lib/Driver/sql.php in Turba 2 (turba2) Contact Manager H3 2.1.x before 2.1.7 and 2.2.x before 2.2-RC3, as used in products such as Horde Groupware before 1.0.4 and Horde Groupware Webmail Edition before 1.0.5, does not properly check access rights, which allows remote authenticated users to modify...
Design/Logic Flaw
lib/Driver/sql.php in Turba 2 (turba2) Contact Manager H3 2.1.x before 2.1.7 and 2.2.x before 2.2-RC3, as used in products such as Horde Groupware before 1.0.4 and Horde Groupware Webmail Edition before 1.0.5, does not properly check access rights, which allows remote authenticated users to modify...