7 matches found
EUVD-2022-5211
Malicious code in bioql PyPI...
PT-2024-1619 · D Link · D-Link Dap-1650
Name of the Vulnerable Software and Affected Versions: D-Link DAP-1650 (affected versions not specified). Description: A command injection issue exists when handling UPnP SUBSCRIBE messages, allowing an unauthenticated attacker to gain command execution on the device as root. The vulnerability is...
USN-4734-2: wpa_supplicant and hostapd vulnerabilities
USN-4734-1 fixed several vulnerabilities in wpa_supplicant. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that wpa_supplicant did not properly handle P2P (Wi-Fi Direct) group information in some situations, leading to a heap overflow. A physically proximate...
activemq: Multiple XSS flaws in web demos
Multiple cross-site scripting (XSS) vulnerabilities in the web demos in Apache ActiveMQ before 5.8.0 allow remote attackers to inject arbitrary web script or HTML via (1) the refresh parameter to PortfolioPublishServlet.java (aka demo/portfolioPublish or Market Data Publisher), or vectors involving (2)...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in the web demos in Apache ActiveMQ before 5.8.0 allow remote attackers to inject arbitrary web script or HTML via (1) the refresh parameter to PortfolioPublishServlet.java (aka demo/portfolioPublish or Market Data Publisher), or vectors involving (2)...
CVE-2012-6092
Multiple cross-site scripting (XSS) vulnerabilities in the web demos in Apache ActiveMQ before 5.8.0 allow remote attackers to inject arbitrary web script or HTML via (1) the refresh parameter to PortfolioPublishServlet.java (aka demo/portfolioPublish or Market Data Publisher), or vectors involving (2)...
CVE-2012-6092
Multiple cross-site scripting (XSS) vulnerabilities in the web demos in Apache ActiveMQ before 5.8.0 allow remote attackers to inject arbitrary web script or HTML via (1) the refresh parameter to PortfolioPublishServlet.java (aka demo/portfolioPublish or Market Data Publisher), or vectors involving (2)...