34 matches found
CVE-2022-27593
An externally controlled reference to a resource vulnerability has been reported to affect QNAP NAS running Photo Station. If exploited, This could allow an attacker to modify system files. We have already fixed the vulnerability in the following versions: QTS 5.0.1: Photo Station 6.1.2 and later...
PT-2022-4657 · Qnap · Qnap Nas +1
Name of the Vulnerable Software and Affected Versions: QNAP NAS running Photo Station versions prior to 5.2.14 QNAP NAS running Photo Station versions prior to 5.4.15 QNAP NAS running Photo Station versions prior to 5.7.18 QNAP NAS running Photo Station versions prior to 6.0.22 QNAP NAS running...
The vulnerability of the IP Service Level Agreement (IP SLA) and the implementation of the Two-Way Active Measurement Protocol (TWAMP) in the Cisco IOS XR operating system allows a perpetrator to trigger a service failure.
The vulnerability of the IP Service Level Agreement IP SLA and the implementation of the Two-Way Active Measurement Protocol TWAMP in the Cisco IOS XR operating system is related to the absence of a reference to an active, dedicated resource. Exploiting this vulnerability can allow a malicious...
GHSA-QGCG-P3V2-9H4P Externally Controlled Reference to a Resource in Another Sphere and Confused Deputy in Spring Cloud Netflix
Spring Cloud Netflix, versions 2.2.x prior to 2.2.4, versions 2.1.x prior to 2.1.6, and older unsupported versions allow applications to use the Hystrix Dashboard proxy.stream endpoint to make requests to any server reachable by the server hosting the dashboard. A malicious user, or attacker, can...
CVE-2021-27648
Externally controlled reference to a resource in another sphere in quarantine functionality in Synology Antivirus Essential before 1.4.8-2801 allows remote authenticated users to obtain privilege via unspecified vectors...
FasterXML jackson-databind deserialization vulnerability (CNVD-2020-24668)
FasterXML Jackson is a U.S. FasterXML company for Java data processing tools . jackson-databind is one of the components with data binding capabilities . A security vulnerability exists in FasterXML jackson-databind version 2.x prior to 2.9.10.4, which stems from insecure deserialization of...
CVE-2018-7824
An Externally Controlled Reference to a Resource CWE-610 vulnerability exists in Schneider Electric Modbus Serial Driver For 64-bit Windows OS:V3.17 IE 37 and prior , For 32-bit Windows OS:V2.17 IE 27 and prior, and as part of the Driver Suite version:V14.12 and prior which could allow write acce...
morty - Privacy aware web content sanitizer proxy as a service
Web content sanitizer proxy as a service. Morty rewrites web pages to exclude malicious HTML tags and attributes. It also replaces external resource references to prevent third party information leaks. The main goal of morty is to provide a result proxy for searx , but it can be used as a...
CVE-2008-3064
Unspecified vulnerability in RealNetworks RealPlayer Enterprise, RealPlayer 10, and RealPlayer 10.5 before build 6.0.12.1675 has unknown impact and attack vectors, probably related to accessing local files, aka a "Local resource reference vulnerability."...
RealPlayer for Windows < 6.0.14.806 / 6.0.12.1675 Multiple Vulnerabilities
Binary data 4608.prm...
Design/Logic Flaw
Unspecified vulnerability in RealNetworks RealPlayer Enterprise, RealPlayer 10, and RealPlayer 10.5 before build 6.0.12.1675 has unknown impact and attack vectors, probably related to accessing local files, aka a "Local resource reference vulnerability."...
CVE-2008-3064
Unspecified vulnerability in RealNetworks RealPlayer Enterprise, RealPlayer 10, and RealPlayer 10.5 before build 6.0.12.1675 has unknown impact and attack vectors, probably related to accessing local files, aka a "Local resource reference vulnerability."...
CVE-2008-3064
Unspecified vulnerability in RealNetworks RealPlayer Enterprise, RealPlayer 10, and RealPlayer 10.5 before build 6.0.12.1675 has unknown impact and attack vectors, probably related to accessing local files, aka a "Local resource reference vulnerability."...
RealPlayer for Windows < Build 6.0.14.806 / 6.0.12.1675 Multiple Vulnerabilities
According to its build number, the installed version of RealPlayer / on the remote Windows host suffers from possibly several issues : - Heap memory corruption issues in several ActiveX controls can lead to arbitrary code execution. CVE-2008-1309 - An unspecified local resource reference...