7 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-64775
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0...
DoS (Denial of Service) com.fasterxml.jackson.core:jackson-core Dependency Vulnerability in Crowd Data Center and Server
This High severity Improper Authorization vulnerability was introduced in version 7.1.0 of Crowd Data Center. This Improper Authorization vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N allows an unauthenticated attacker...
PT-2025-13167
Name of the Vulnerable Software and Affected Versions Synology Mail Server versions prior to DSM 7.2/7.1 Description A vulnerability in Synology Mail Server allows authenticated users to tamper with system configurations, risking mail stability. The issue can be exploited by remote attackers,...
PT-2024-34652 · Ampache · Ampache
Name of the Vulnerable Software and Affected Versions: Ampache versions prior to 7.0.1 Description: The issue concerns the inadequate validation of CSRF tokens in the token parsing implementation, which could be exploited to forge CSRF attacks. This allows an attacker to delete messages to any...
PT-2024-13136 · Couchbase · Couchbase Server
Name of the Vulnerable Software and Affected Versions: Couchbase Server versions 6.6.x through 7.2.0 Description: An issue was discovered in Couchbase Server where unauthenticated users may cause memcached to run out of memory via large commands. Recommendations: For Couchbase Server versions 6.6...
CVE-2022-3442
A vulnerability was found in Crealogix EBICS 7.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /ebics-server/ebics.aspx. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the...
UBUNTU-CVE-2018-8040
Pages that are rendered using the ESI plugin can have access to the cookie header when the plugin is configured not to allow access. This affects Apache Traffic Server ATS versions 6.0.0 to 6.2.2 and 7.0.0 to 7.1.3. To resolve this issue users running 6.x should upgrade to 6.2.3 or later versions...