86 matches found
PT-2024-16671 · Unknown · 1000 Projects Bookstore Management System
Name of the Vulnerable Software and Affected Versions: 1000 Projects Bookstore Management System version 1.0 Description: A critical issue has been found in the 1000 Projects Bookstore Management System, affecting an unknown functionality of the file /contact process.php. The manipulation of the...
kernel: net: fix information leakage in /proc/net/ptype
In the Linux kernel, the following vulnerability has been resolved: net: fix information leakage in /proc/net/ptype In one net namespace, after creating a packet socket without binding it to a device, users in other net namespaces can observe the new packettype added by this packet socket by...
CVE-2024-37872
SQL injection vulnerability in process.php in Itsourcecode Billing System in PHP 1.0 allows remote attackers to execute arbitrary SQL commands via the username parameter...
PT-2024-27783 · Unknown · Itsourcecode Billing System
Name of the Vulnerable Software and Affected Versions: itsourcecode Billing System version 1.0 Description: A SQL Injection issue allows a local attacker to execute arbitrary code in process.php via the username parameter. Recommendations: For itsourcecode Billing System version 1.0, consider...
PT-2024-26403 · Unknown · Campcodes Online Event Management System
Name of the Vulnerable Software and Affected Versions: Campcodes Online Event Management System version 1.0 Description: A problematic issue has been found in the system, affecting the processing of the file /views/process.php. The manipulation of the name argument leads to cross-site scripting...
Kashipara Dynamic Lab Management System SQL Injection Vulnerability
Kashipara Dynamic Lab Management System is a dynamic lab management system from Kashipara. A SQL injection vulnerability exists in Kashipara Dynamic Lab Management System 1.0 and earlier versions, which originates from a SQL injection vulnerability in the file loginprocess.php...
ILIAS Security Vulnerabilities
ILIAS is an open source learning management system. A security vulnerability exists in ILIAS versions prior to 7.23 and prior to 8.3, which stems from a workflow-engine vulnerability that allows an attacker to run arbitrary system commands on an application server as an application user via a...
procps buffer error vulnerability
procps is the procps-ng open source command line and full screen utility for browsing procfs. A security vulnerability exists in procps that stems from allowing a user with the right to run the procps program on a computer to write a virtually unlimited amount of unfiltered data to the process he...
Catdoc Security Vulnerability
Catdoc is a program that reads MS-Word files and prints them readably, by Pete Warden, an individual developer in the United States. A security vulnerability exists in Catdoc version v0.95, which stems from the function processfile in /src/reader.c containing a global buffer overflow...
SUSE CVE-2016-6234
The processfile function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service crash via a crafted jpeg file...
Mozilla: Symlinks may resolve to partially uninitialized buffers
The Mozilla Foundation Security Advisory describes this flaw as: When resolving a symlink such as file:///proc/self/fd/1, an error message may be produced where the symlink was resolved to a string containing uninitialized memory in the buffer...
Amazon Linux 2022 : polkit, polkit-devel, polkit-libs (ALAS2022-2022-102)
It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-102 advisory. There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE:...
EulerOS Virtualization 2.9.0 : polkit (EulerOS-SA-2022-2206)
According to the versions of the polkit packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustio...
EulerOS Virtualization 2.10.0 : polkit (EulerOS-SA-2022-2033)
According to the versions of the polkit packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed...
Huawei EulerOS: Security Advisory for polkit (EulerOS-SA-2022-2061)
The remote host is missing an update for the Huawei EulerOS...
CVE-2022-32056
Online Accreditation Management v1.0 was discovered to contain a SQL injection vulnerability via the USERNAME parameter at process.php...
EulerOS 2.0 SP9 : polkit (EulerOS-SA-2022-1850)
According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest...