CVE-2017-6381

A 3rd party development library including with Drupal 8 development dependencies is vulnerable to remote code execution. This is mitigated by the default .htaccess protection against PHP execution, and the fact that Composer development dependencies aren't normal installed. You might be vulnerabl...

fitland.nl XSS vulnerability

Vulnerable URL: http://www.fitland.nl/?s='"--!confirmopenbugbounty...

CVE-2017-6816

In WordPress before 4.7.3 wp-admin/plugins.php, unintended files can be deleted by administrators using the plugin deletion functionality...

ze.nl XSS vulnerability

Vulnerable URL: http://www.ze.nl/zoeken?s= Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 337148 VIP website status:| No Check ze.nl SSL connection:| Grade: A- Coordinated Disclosure Timeline: Description| Value...

bdct.nhs.uk XSS vulnerability

Vulnerable URL: http://www.bdct.nhs.uk/?s='"--!confirmopenbugbounty...

Multiple IP-Cameras (P2P) WIFICAM Cameras Multiple Vulnerabilities

Multiple IP-Camera devices are prone to multiple vulnerabilities. This vulnerability was known to be exploited by the IoT Botnet SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Cross site scripting

IBM QRadar 7.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference : 1999534...

jpnn.com XSS vulnerability

Vulnerable URL: http://www.jpnn.com/search?q=testprompt/OPENBUGBOUNTY/...

WordPress < 4.7.3 Multiple Vulnerabilities

Binary data 9980.prm...

steinbach-attersee.at XSS vulnerability

Vulnerable URL: http://www.steinbach-attersee.at/system/web/suche.aspx?search='-confirmopenbugbounty-' Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP...

dijon.fr XSS vulnerability

Vulnerable URL: https://www.dijon.fr/recherche/resultat/keywords//'"--!confirmopenbugbounty...

112apeldoorn.nl XSS vulnerability

Vulnerable URL: http://www.112apeldoorn.nl/page/Zoek?modHTdigModulematchesperpage=10HTdigModulewords='"--!confirmOPENBUGBOUNTY...

Aerospike Database Server Client Batch Request Code Execution Vulnerability

Summary An exploitable out-of-bounds write vulnerability exists in the batch transaction field parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-bounds write resulting in memory corruption which can lead to remote code execution. An attack...

[SECURITY] Fedora 24 Update: mingw-wavpack-5.1.0-1.fc24

WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode. Although the technology is loosely based on previous versions of WavPack, the new version 4 format has been designed from the ground up to offer unparalleled...

CVE-2016-9347

An issue was discovered in Emerson SE4801T0X Redundant Wireless I/O Card V13.3, and SE4801T1X Simplex Wireless I/O Card V13.3. DeltaV Wireless I/O Cards WIOC running the firmware available in the DeltaV system, release v13.3, have the SSH Secure Shell functionality enabled unnecessarily...

CVE-2016-9347

An issue was discovered in Emerson SE4801T0X Redundant Wireless I/O Card V13.3, and SE4801T1X Simplex Wireless I/O Card V13.3. DeltaV Wireless I/O Cards WIOC running the firmware available in the DeltaV system, release v13.3, have the SSH Secure Shell functionality enabled unnecessarily...

nogaro-tourisme.fr XSS vulnerability

Vulnerable URL: http://www.nogaro-tourisme.fr/search Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 6256690 VIP website status:| No Check nogaro-tourisme.fr SSL connection:| Grade:...

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, allow attackers to execute arbitrary code.

The vulnerability of XFA PDF viewer programs such as Adobe Reader and Document Cloud, as well as Adobe Acrobat and Document Cloud’s PDF editing programs, is related to the use of memory after it is freed. Exploiting this vulnerability can allow a malicious actor to execute arbitrary code related ...

Jtag Calendar 6.2.4

JTag Calendar versions 6.2.4 and previous Resolution: update to 6.2.5 Developer states: Fixed security issue in search functionality Update notice: https://joomlatag.com/premium-joomla-extensions/jtag-calendar-detail.html...

CVE-2016-5902

IBM Maximo Asset Management is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...