EUVD-2018-6834

Malware in sbrugna...

EUVD-2023-39865

Malicious code in bioql PyPI...

Cross-site Scripting (XSS)

Overview silverstripe/framework is a PHP framework forming the base for the SilverStripe CMS. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the error message display mechanism. An attacker can inject malicious scripts that are executed in the user's browser by...

RHEL 5 : squirrelmail (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - squirrelmail: Insufficient escaping of user-supplied data CVE-2017-7692 - SquirrelMail: Directory travers...

BIT-ROUNDCUBE-2020-16145

Roundcube Webmail before 1.3.15 and 1.4.8 allows stored XSS in HTML messages during message display via a crafted SVG document. This issue has been fixed in 1.4.8 and 1.3.15...

The vulnerability of the The Message Display Tool (MDT) software component, used for integrating corporate applications in SAP NetWeaver Process Integration, allows a perpetrator to disclose protected information.

The vulnerability of the The Message Display Tool MDT software component, used for integrating corporate applications in SAP NetWeaver Process Integration, is related to the lack of protection for operational data. Exploiting this vulnerability could allow a malicious actor to disclose sensitive...

CVE-2023-35872

The Message Display Tool MDT of SAP NetWeaver Process Integration - version SAPXIAF 7.50, does not perform authentication checks for certain functionalities that require user identity. An unauthenticated user might access technical data about the product status and its configuration. The...

Design/Logic Flaw

The Message Display Tool MDT of SAP NetWeaver Process Integration - version SAPXIAF 7.50, does not perform authentication checks for certain functionalities that require user identity. An unauthenticated user might access technical data about the product status and its configuration. The...

PT-2023-4071 · Sap · Sap Netweaver Process Integration

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Process Integration version SAP XIAF 7.50 Description: The issue is related to the Message Display Tool MDT component of SAP NetWeaver Process Integration, which lacks proper authentication checks for certain functionalities. Th...

SUSE CVE-2020-16145

Roundcube Webmail before 1.3.15 and 1.4.8 allows stored XSS in HTML messages during message display via a crafted SVG document. This issue has been fixed in 1.4.8 and 1.3.15...

Mozilla: Incorrect security status shown after viewing an attached email

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of when viewing an email message A, which contains an attached message B, where B is encrypted or digitally signed or both, Thunderbird may show an incorrect encryption or signature status. After opening and...

The vulnerability of the Message Display component of the Oracle Email Center messaging software in the Oracle E-Business Suite, a business automation system, allows a malicious individual to access, modify, add, or delete data, or gain full control over the application.

The vulnerability of the Message Display component of the Oracle Email Center messaging software, a part of the Oracle E-Business Suite for enterprise automation, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain access to modify, add, or...

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite is an extension of the original Application ERP, including ERP Enterprise Resource Planning, HR Human Resource Management, CRM Customer Relationship Management and so on, a collection of management software, is seamlessly integrated with a management suite.Oracle Email...

OPENSUSE-SU-2021:0387-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: - Mozilla Thunderbird 78.8 fixed: Importing an address book from a CSV file always reported an error fixed: Security information for S/MIME messages was not displayed correctly prior to a draft being saved fixed: Calendar: FileLink UI...

The vulnerability of the Message Display component of the Oracle Email Center software allows a perpetrator to gain unauthorized access to protected information or to have read, add, or delete privileges over that data.

The vulnerability of the Message Display component of the Oracle Email Center messaging software is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information or to have read, add, or...

The vulnerability of the Message Display component of the Oracle Email Center software allows a perpetrator to gain unauthorized access to protected information or to have read, add, or delete privileges over that data.

The vulnerability of the Message Display component of the Oracle Email Center messaging software is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information or to have read, add, or...

SUSE-SU-2020:3632-1 Security update for mutt

This update for mutt fixes the following issues: - Find and display the content of messages properly. bsc1179461 - CVE-2020-28896: incomplete connection termination could send credentials over unencrypted connections. bsc1179035 - Avoid that message with a million tiny parts can freeze MUA for...

Cross-Site Scripting (XSS)

roundcube is vulnerable to cross-site scripting XSS. An attacker is able to inject and execute arbitrary Javascript in a user's browser via HTML messages during message display...

The vulnerability of the Message Display component of the Oracle Email Center software allows a hacker to gain access to modify, add, or delete data.

The vulnerability of the Message Display component of the Oracle Email Center messaging software is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to modify, add, or delete data using the HTTP protocol...

The vulnerability of the Message Display component of the Oracle Email Center messaging software in the Oracle E-Business Suite, a business automation system, allows a malicious individual to access, modify, add, or delete data, or to gain unauthorized access to protected information.

The vulnerability of the Message Display component of the Oracle Email Center messaging software in the Oracle E-Business Suite system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain access to modify, add, or delete data, or to...