Cross-site Scripting (XSS)

io.vertx:vertx-web is vulnerable to Cross-site Scripting XSS. The vulnerability is due to improper escaping of file and directory names in generated HTML when directory listing is enabled, which allows an attacker to craft malicious filenames that execute arbitrary scripts in the browser of users...

CVE-2022-45401

Jenkins Associated Files Plugin 0.2.1 and earlier does not escape names of associated files, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

Apache Hadoop 操作系统命令注入漏洞

Apache Hadoop is an open source distributed system infrastructure from the Apache Foundation. The product is capable of distributed processing of large amounts of data and is highly reliable, scalable, and fault-tolerant. Apache Hadoop has a security vulnerability that stems from its...

RHEL 6 : logrotate (RHSA-2011:0407)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2011:0407 advisory. The logrotate utility simplifies the administration of multiple log files, allowing the automatic rotation, compression, removal, and mailin...

Changetrack 4.3-3 - Local Privilege Escalation

TITLE: Changetrack Privilege Escalation Vulnerability SECUNIA ADVISORY ID: SA36756 VERIFY ADVISORY: http://secunia.com/advisories/36756/ DESCRIPTION: A vulnerability has been discovered in Changetrack, which can be exploited by malicious, local users to gain escalated privileges. The application...