69 matches found
SUSE CVE-2014-4208
Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4220...
AMI MegaRAC Security Vulnerability
AMI MegaRAC is a family of service processor products from AMI. It provides complete out-of-band, or lights-out, remote management of computer systems, independent of operating system state or location, to troubleshoot computers and ensure service continuity. A security vulnerability exists in AMI MegaRA...
PT-2022-27415 · Chicken +1 · Chicken +1
Name of the Vulnerable Software and Affected Versions: CHICKEN versions 5.x before 5.3.1. Description: The issue allows arbitrary OS command execution during package installation via escape characters in a .egg file. This is due to a problem in the egg-compile.scm file. Recommendations: For CHICKE...
PT-2022-36127 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.80. Description: A potential security issue exists in the gfs2 component of the Linux Kernel. The issue involves checking sb_bsize_shift after reading the superblock. The actual impact and attack plausibili...
PT-2022-15646 · WordPress · Wp Database Backup
Name of the Vulnerable Software and Affected Versions: WP Database Backup WordPress plugin versions prior to 5.9. Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed, for example in a...
CVE-2022-0025
A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows root directory (such as C:\) to execute a program with elevated privileges. This issue impacts: All...
Minor update (5) for Vivaldi Desktop Browser 5.1
The following improvements were made since the fourth 5.1 stable minor update: Chromium upgraded to 98.0.4758.141, fixes CVE-2022-1096. Main photo by Alisa Anton...
CVE-2021-32579
Acronis True Image prior to 2021 Update 4 for Windows and Acronis True Image prior to 2021 Update 5 for macOS allowed an unauthenticated attacker who has a local code execution ability to tamper with the micro-service API...
Acronis True Image Authorization Issue Vulnerability
Acronis True Image is a famous data backup and restore software from Acronis Singapore. The software can be used to create drive and disk images and can restore the image when a clean system is needed. A security vulnerability exists in Acronis True Image 2021 Update 4 and earlier versions for...
PT-2020-8901
Name of the Vulnerable Software and Affected Versions: Mattermost Server versions prior to 5.1. Description: An issue in Mattermost Server allows attackers to cause a denial of service via the invite people slash command. Recommendations: For versions prior to 5.1, update to version 5.1 or later to...
PT-2019-5216 · WordPress · Wordpress
Name of the Vulnerable Software and Affected Versions: WordPress versions prior to 5.2.4. Description: The issue is related to a Server Side Request Forgery (SSRF) vulnerability. This occurs because URL validation does not consider the interpretation of a name as a series of hex characters...
Ivanti LANDESK Management Suite SQL Injection Vulnerability
Ivanti LANDESK Management Suite (LDMS) is a suite of endpoint security management software from Ivanti, USA. A SQL injection vulnerability exists in Ivanti LDMS version 10.0.1.168 Service Update 5. The vulnerability stems from a database-based application that lacks validation of externally entered...
Ivanti LANDESK Management Suite Open Directory Vulnerability
Ivanti LANDESK Management Suite (LDMS) is a suite of endpoint security management software from Ivanti, USA. An exploit catalog vulnerability exists in Ivanti LDMS version 10.0.1.168 Service Update 5. The vulnerability originates from a network system or product that does not properly validate...
CVE-2019-12374
A SQL Injection vulnerability exists in Ivanti LANDESK Management Suite (LDMS, aka Endpoint Manager) 10.0.1.168 Service Update 5 due to improper username sanitization in the Basic Authentication implementation in core/provisioning.secure/ProvisioningSecure.asmx in Provisioning.Secure.dll...
Microsoft Visual Studio Information Disclosure Vulnerability
Microsoft Visual Studio is a family of development tool suites from Microsoft and a largely complete set of development tools that includes most of the tools needed throughout the software lifecycle. An information disclosure vulnerability exists in Microsoft Visual Studio 2010 SP1 and Visual...
Adobe ColdFusion Cross-Site Scripting Vulnerability (CNVD-2018-10342)
Adobe ColdFusion is a dynamic web server product from Adobe, USA. It runs CFML (ColdFusion Markup Language), a programming language for web applications. A cross-site scripting vulnerability exists in Adobe ColdFusion (2016 release) Update 5 and earlier versio...
CVE-2018-4941
Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Cross-Site Scripting vulnerability. Successful exploitation could lead to information disclosure...
PT-2018-16643 · Adobe · Coldfusion
Name of the Vulnerable Software and Affected Versions: Adobe ColdFusion versions Update 5 and earlier; Adobe ColdFusion 11 versions Update 13 and earlier. Description: The issue is related to an exploitable Unsafe XML External Entity Processing. Successful exploitation could lead to information...
PT-2018-16640 · Adobe · Coldfusion
Name of the Vulnerable Software and Affected Versions: Adobe ColdFusion versions Update 5 and earlier; Adobe ColdFusion 11 versions Update 13 and earlier. Description: The issue is related to an Insecure Library Loading vulnerability. Successful exploitation could lead to local privilege escalation...
JDK: unspecified vulnerability fixed in 6u75, 7u55 and 8u5 (Deployment)
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment...