Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.20.1)
The version of AOS installed on the remote host is prior to 5.20.1. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.20.1 advisory. - encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service invalid write access and...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.11.2)
The version of AOS installed on the remote host is prior to 5.11.2. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.11.2 advisory. - Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.17.0.3)
The version of AOS installed on the remote host is prior to 5.17.0.3. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.17.0.3 advisory. - urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect i.e., a...
Google Chrome < 105.0.5195.52 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 105.0.5195.52. It is, therefore, affected by multiple vulnerabilities as referenced in the 202208stable-channel-update-for-desktop30 advisory. - Use after free in Tab Strip in Google Chrome on Chrome OS, Lacros prior to...
CVE-2022-2765
CVE-2022-2765 affects SourceCodester Company Website CMS 1.0. An unknown functionality in the /dashboard/settings file enables improper authentication, with remote exploitation reportedly disclosed publicly. The vulnerability is described as critical with potential impact on confidentiality, inte...
Library Management System Cross-Site Scripting Vulnerability
Library Management System is a library management system with QR code attendance and automatic library card generation by King Albaracin Individual Developer. A cross-site scripting vulnerability exists in Library Management System, which stems from unknown code in the file /qr/I/ being affected,...
Company Website CMS Code Issue Vulnerability
Company Website CMS is a company website/CMS by Torrahclef Personal Developer. Company Website CMS suffers from a code issue vulnerability that stems from some unknown functionality of /dashboard/add-portfolio.php being affected, where manipulation of the parameter ufile can lead to unrestricted...
Company Website CMS Code Issue Vulnerability
Company Website CMS is a company website/CMS by Torrahclef Personal Developer. A security vulnerability exists in Company Website CMS, which stems from an unknown function of the file /dashboard/add-service.php of the component Add Service Handler being affected, resulting in unrestricted uploads...
CVE-2016-3098
Cross-site request forgery (CSRF) vulnerability in administrate 0.1.4 and earlier allows remote attackers to hijack the user's OAuth authorization code...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server Liberty shipped with IBM Tivoli Netcool Impact (CVE-2018-25031, CVE-2021-46708)
Summary IBM WebSphere Application Server Liberty is shipped with IBM Tivoli Netcool Impact as part of its server infrastructure. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty has been published in a security bulletin. Vulnerability Details...
Critical FileWave MDM Flaws Open Organization-Managed Devices to Remote Hackers
FileWave's mobile device management (MDM) system has been found vulnerable to two critical security flaws that could be leveraged to carry out remote attacks and seize control of a fleet of devices connected to it. "The vulnerabilities are remotely exploitable and enable an attacker to bypass...
CVE-2022-28681
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
CVE-2015-10003 FileZilla Server PORT confused deputy
A vulnerability, which was classified as problematic, was found in FileZilla Server up to 0.9.50. This affects an unknown part of the component PORT Handler. The manipulation leads to unintended intermediary. It is possible to initiate the attack remotely. Upgrading to version 0.9.51 is able to...
Ambit Technologies iTech Job Portal Script Authorization Issue Vulnerability
Ambit Technologies iTech Job Portal Script is an efficient interactive platform from Ambit Technologies India. One can post their vacancy profile on one side and candidates can post their resume on the other side. Ambit Technologies iTech Job Portal Script version 9.13 suffers from a security...
CVE-2022-26649
A vulnerability has been identified in SCALANCE X200-4P IRT All versions V5.5.2, SCALANCE X201-3P IRT All versions V5.5.2, SCALANCE X201-3P IRT PRO All versions V5.5.2, SCALANCE X202-2IRT All versions V5.5.2, SCALANCE X202-2IRT All versions V5.5.2, SCALANCE X202-2P IRT All versions V5.5.2, SCALAN...
IBM CICS TX Standard and Advanced Cross-Site Scripting Vulnerability
IBM CICS TX Standard and Advanced is a comprehensive, single transaction runtime package from International Business Machines (IBM), Inc. that can provide a cloud-native deployment model for standalone applications. A cross-site scripting vulnerability exists in IBM CICS TX Standard and Advanced,...
Cross site scripting
A vulnerability classified as problematic was found in Bitrix Site Manager 12.06.2015. Affected by this vulnerability is an unknown functionality of the component Contact Form. The manipulation of the argument text with the input leads to basic cross site scripting. The attack can be launched...
WordPress Kama Click Counter SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Kama Click Counter is vulnerable to SQL injection, which can be exploited by attackers to...
silverstripe framework Resource Management Error Vulnerability
silverstripe framework is a CMS web framework. A security vulnerability exists in silverstripe framework version 4.8.1. An attacker can exploit this vulnerability to conduct remote attacks via specially crafted XML documents...
CVE-2017-20100 Air Transfer cross site scripting
A vulnerability was found in Air Transfer 1.0.14/1.2.1. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used...