4 matches found
CVE-2020-36858 Nagios Log Server < 2.1.6 XSS via Create User, Edit User, & Manage Host Lists Pages
Nagios Log Server versions prior to 2.1.6 contain cross-site scripting (XSS) vulnerabilities via the web interface on the Create User, Edit User, and Manage Host Lists pages. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in t...
GHSA-7PVX-4585-HQWW sequelize-typescript Prototype Pollution vulnerability
Prototype Pollution in GitHub repository robinbuschmann/sequelize-typescript prior to 2.1.6...
DEBIAN-CVE-2014-9628
The MP4ReadBoxString function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to trigger an unintended zero-size malloc and conduct buffer overflow attacks, and consequently execute arbitrary code, via a box size of 7...
PT-2016-3318 · Libevent +5
Name of the Vulnerable Software and Affected Versions: libevent versions prior to 2.1.6-beta Description: The issue is related to a stack-based buffer overflow in the evutil_parse_sockaddr_port function, which can be exploited by attackers to cause a denial of service, resulting in a segmentation...