547 matches found
EMC RSA Archer 6.6 < 6.6 P8 / 6.7 < 6.7 P8 / 6.8 < 6.8 P5 / 6.9 < 6.9 P2 Insecure Credential Storage
The version of EMC RSA Archer running on the remote web server is 6.6.x prior to 6.6.0.8 6.6 P8, 6.7.x prior to 6.7.0.8 6.7 P8, 6.8.x prior to 6.8.0.5 6.8 P5 or 6.9.x prior to 6.9.0.2 6.9 P2. It is, therefore, affected by an insecure credential storage vulnerability with Archer Tableau integratio...
Joomla 3.0.x < 3.9.27 Multiple Vulnerabilities (5836-joomla-3-9-27)
According to its self-reported version, the instance of Joomla! running on the remote web server is 3.0.x prior to 3.9.27. It is, therefore, affected by multiple vulnerabilities. - HTML was missing in the executable block list of MediaHelper::canUpload, leading to XSS attack vectors. CVE-2021-260...
CVE-2021-33516
An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web server can exploit this vulnerability to trick a victim's browser into triggering actions against local UPnP services implemented using this library. Depending on the affected...
Code injection
An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web server can exploit this vulnerability to trick a victim's browser into triggering actions against local UPnP services implemented using this library. Depending on the affected...
Aruba Networks AirWave Management Platform 输入验证错误漏洞
Aruba Networks AirWave Management Platform is a suite of network management software for multi-vendor management from Aruba Networks. The software provides real-time monitoring, proactive alerting and historical data reporting. A security vulnerability exists in Aruba AirWave Management Platform...
CVE-2021-28202
The Service configuration-2 function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service...
ASUS BMC Firmware 安全特征问题漏洞
ASUS BMC Firmware is a firmware from Asus China. The ASUS BMC Firmware suffers from a security signature issue vulnerability that stems from a buffer overflow vulnerability due to the Radius configuration function not validating the length of a user-entered string. A remote attacker could use thi...
Adobe Critical Code-Execution Flaws Plague Windows Users
Adobe has issued patches for a slew of critical security vulnerabilities, which, if exploited, could allow for arbitrary code execution on vulnerable Windows systems. Affected products include Adobe’s Framemaker document processor, designed for writing and editing large or complex documents;...
UBUNTU-CVE-2021-21169
Out of bounds memory access in V8 in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page...
UBUNTU-CVE-2021-21141
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass file extension policy via a crafted HTML page...
Jenkins < 2.263.2 LTS / 2.275 Multiple Vulnerabilities
The version of Jenkins running on the remote web server is prior to 2.275 or is a version of Jenkins LTS prior to 2.263.2. It is, therefore, affected by multiple vulnerabilities, including the following: - Jenkins 2.274 and earlier, LTS 2.263.1 and earlier allows users with Agent/Configure...
phpMyAdmin 4.9.0 < 4.9.5 / 5.0.0 < 5.0.2 Multiple Vulnerabilities (PMASA-2020-2, PMASA-2020-3, PMASA-2020-4)
According to its self-reported version, the phpMyAdmin application hosted on the remote web server is 4.9.x prior to 4.9.5 or 5.0.x prior to 5.0.2. It is, therefore, affected by multiple vulnerabilities. - In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was foun...
PHP 7.3.x < 7.3.23 Multiple Vulnerabilities
According to its self-reported version number, the version of PHP running on the remote web server is 7.2.x prior to 7.2.34, 7.3.x prior to 7.3.23 or 7.4.x prior to 7.4.11. It is, therefore, affected by multiple vulnerabilities: - When AES-CCM mode is used with opensslencrypt function with 12 byt...
PHP 7.4.x < 7.4.11 Multiple Vulnerabilities
According to its self-reported version number, the version of PHP running on the remote web server is 7.2.x prior to 7.2.34, 7.3.x prior to 7.3.23 or 7.4.x prior to 7.4.11. It is, therefore, affected by multiple vulnerabilities: - When AES-CCM mode is used with opensslencrypt function with 12 byt...
PHP 7.2.x < 7.2.30 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is prior to 7.2.30, 7.3.x prior to 7.3.17, or 7.4.x prior to 7.4.5. It is, therefore, affected by multiple vulnerabilities: - An out-of-bounds read error exists in urldecode due to improper data validation checks. An...
PHP 7.4.x < 7.4.5 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is prior to 7.2.30, 7.3.x prior to 7.3.17, or 7.4.x prior to 7.4.5. It is, therefore, affected by multiple vulnerabilities: - An out-of-bounds read error exists in urldecode due to improper data validation checks. An...
Joomla 2.5.x < 3.9.19 Multiple Vulnerabilities (5812-joomla-3-9-19)
According to its self-reported version, the instance of Joomla! running on the remote web server is 2.5.x prior to 3.9.19. It is, therefore, affected by multiple vulnerabilities. - In Joomla! before 3.9.19, lack of input validation in the heading tag option of the Articles - Newsflash and Article...
The vulnerability of the “Estimate and Actual Charges” component of the Oracle Depot Repair automation software allows a intruder to gain unauthorized access to protected information.
The vulnerability of the “Estimate and Actual Charges” component of the Oracle Depot Repair automation software is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information through the...
The vulnerability of the Account Hierarchy Manager component of the Oracle General Ledger software, a business automation system within the Oracle E-Business Suite, allows a malicious individual to gain unauthorized access to protected data.
The vulnerability of the Account Hierarchy Manager component of the Oracle General Ledger software, a part of the Oracle E-Business Suite, relates to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected...
PHP 7.2.x < 7.2.30 Multiple Vulnerabilities
According to its self-reported version number, the version of PHP running on the remote web server is 7.2.x prior to 7.2.30. It is, therefore, affected by multiple vulnerabilities: - An out-of-bounds read error exists in urldecode due to improper data validation checks. An attacker can exploit...