482 matches found
Debian: Security Advisory (DSA-5207-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
CVE-2022-33989
dproxy-nexgen aka dproxy nexgen uses a static UDP source port selected randomly only at boot time in upstream queries sent to DNS resolvers. This allows DNS cache poisoning because there is not enough entropy to prevent traffic injection attacks...
Design/Logic Flaw
dproxy-nexgen aka dproxy nexgen uses a static UDP source port selected randomly only at boot time in upstream queries sent to DNS resolvers. This allows DNS cache poisoning because there is not enough entropy to prevent traffic injection attacks...
Design/Logic Flaw
totd 1.5.3 uses a fixed UDP source port in upstream queries sent to DNS resolvers. This allows DNS cache poisoning because there is not enough entropy to prevent traffic injection attacks...
PT-2022-21951 · Unknown · Dproxy-Nexgen
Name of the Vulnerable Software and Affected Versions: dproxy-nexgen affected versions not specified Description: The issue allows DNS cache poisoning due to the use of a static UDP source port with insufficient entropy to prevent traffic injection attacks. This occurs because dproxy-nexgen selec...
EulerOS Virtualization 2.10.0 : python3 (EulerOS-SA-2022-2035)
According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL)...
EulerOS Virtualization 2.10.1 : python3 (EulerOS-SA-2022-2063)
According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL)...
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2022-2035)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2022-2063)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Apache Commons remote code execution vulnerability
Apache Commons is a project of the Apache Software Foundation. Apache Commons is vulnerable to a remote code execution vulnerability that could be exploited by attackers to execute malicious code via injection attacks, write webshells to websites, and take control of entire websites or even serve...
SourceCodester Online Railway Reservation System SQL Injection Vulnerability (CNVD-2022-53357)
Sourcecodester Online Railway Reservation system is a web-based application that provides an online platform for rail or train station passengers or would-be passengers to view their schedules and reserve seats. Online Railway Reservation System v1.0 version contains a SQL injection vulnerability...
Amazon Linux AMI : python27 (ALAS-2022-1593)
The version of python27 installed on the remote host is prior to 2.7.18-2.142. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2022-1593 advisory. In Python3's Lib/test/multibytecodecsupport.py CJK codec tests call eval on content retrieved via HTTP. CVE-2020-2761...
Merchandise Online Store SQL Injection Vulnerability (CNVD-2022-66681)
Merchandise Online Store is a merchandise online store system. Merchandise Online Store version 1.0 is vulnerable to SQL injection, which can be exploited by attackers via /vloggersmerch/classes/Master.php?f=delete product to conduct SQL injection attacks...
EulerOS 2.0 SP3 : python (EulerOS-SA-2022-1757)
According to the versions of the python packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into...
Badminton Center Management SQL Injection Vulnerability (CNVD-2022-66682)
Badminton Center Management System is a badminton center management system. It provides an online and automated platform for badminton centers to manage their daily transactions and records. A SQL injection vulnerability exists in Badminton Center Management 1.0. An attacker can exploit this...
GHSA-5M3W-RVVH-8FX6 Joomla! Object Injection Vulnerability
An issue was discovered in Joomla! before 3.9.3. The phar:// stream wrapper can be used for object injection attacks because there is no protection mechanism such as the TYPO3 PHAR stream wrapper to prevent use of the phar:// handler for non .phar-files...
python: urllib.parse does not sanitize URLs containing ASCII newline and tabs
A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n' in the URL path. This flaw allows an...
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2022-1650)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
EulerOS 2.0 SP10 : python3 (EulerOS-SA-2022-1650)
According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into...
Huawei EulerOS: Security Advisory for python2 (EulerOS-SA-2022-1581)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...