15 matches found
EUVD-2018-0572
Malware in sbrugna...
EUVD-2024-30383
Malicious code in bioql PyPI...
WordPress Plugin Mortgage Calculators WP 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
PT-2024-24703 · WordPress · Mortgage Calculators Wp
Name of the Vulnerable Software and Affected Versions: Mortgage Calculators WP versions 1.56 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for Stored XSS. This means that an attacker can inject malicious scripts into the...
WordPress Mortgage Calculators WP plugin <= 1.56 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by NGÔ THIÊN AN Patchstack Alliance in WordPress Plugin Mortgage Calculators WP versions = 1.56...
SUSE CVE-2016-1000346
In the Bouncy Castle JCE Provider version 1.55 and earlier the other party DH public key is not fully validated. This can cause issues as invalid keys can be used to reveal details about the other party's private key where static Diffie-Hellman is in use. As of release 1.56 the key parameters are...
WordPress Mortgage Calculators WP plugin <= 1.55 - Stored Cross-Site Scripting (XSS) vulnerability
Stored Cross-Site Scripting XSS vulnerability discovered by Ceylan Bozogullarindan in WordPress Mortgage Calculators WP plugin versions = 1.55. Solution Update the WordPress Mortgage Calculators WP plugin to the latest available version at least 1.56...
Debian DLA-2433-1 : bouncycastle security update
It was discovered that there was an issue in the bouncycastle crypto library where attackers could obtain sensitive information due to observable differences in its response to invalid input. For Debian 9 'Stretch', this problem has been fixed in version 1.56-1+deb9u3. We recommend that you upgra...
Design/Logic Flaw
In the Bouncy Castle JCE Provider version 1.55 and earlier the primary engine class used for AES was AESFastEngine. Due to the highly table driven approach used in the algorithm it turns out that if the data channel on the CPU can be monitored the lookup table accesses are sufficient to leak...
DEBIAN-CVE-2016-1000339
In the Bouncy Castle JCE Provider version 1.55 and earlier the primary engine class used for AES was AESFastEngine. Due to the highly table driven approach used in the algorithm it turns out that if the data channel on the CPU can be monitored the lookup table accesses are sufficient to leak...
CVE-2016-1000339
In the Bouncy Castle JCE Provider version 1.55 and earlier the primary engine class used for AES was AESFastEngine. Due to the highly table driven approach used in the algorithm it turns out that if the data channel on the CPU can be monitored the lookup table accesses are sufficient to leak...
Movable Type Enterprise cross-site scripting vulnerability
Overview Movable Type Enterprise contains a cross-site scripting vulnerability. Movable Type Enterprise, a web log system from Six Apart KK for business users, contains a cross-site scripting vulnerability. This vulnerability is different from JVN30385652 and JVN81490697. Yosuke HASEGAWA of...
actsitenews-lfi.txt
'/ -.- -----------------oOO------OOo----------------- | actSite v1.56 news.php Local File Inclusion | | coded by DNX | ------------------------------------------------- ! Discovered: DNX ! Vendor: http://www.actsite.de ! Detected: 02.09.2007 ! Reported: 02.09.2007 ! Remote: yes ! Background:...
Detectoid for AzureConnectMachineAgent 1.56 - September 2025 Update
Detectoid for AzureConnectMachineAgent 1.56 - September 2025 Update...
Detectoid for AzureConnectMachineAgent 1.56 - September 2025 Update
Detectoid for AzureConnectMachineAgent 1.56 - September 2025 Update...