244 matches found
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
Usage Make sure Python and ncat are installed...
Security fix for the ALT Linux 10 package apache2 version 1:2.4.50-alt1
Oct. 7, 2021 Anton Farygin 1:2.4.50-alt1 - 2.4.50 Fixes: CVE-2021-41773, CVE-2021-41524...
CVE-2021-37532
SAP Business One version - 10, due to improper input validation, allows an authenticated User to gain access to directory and view the contents of index in the directory, which would otherwise be restricted to high privileged User...
CVE-2021-37532
SAP Business One 10.0 contains an input validation error that allows an authenticated user to gain access to directory contents that should be restricted to higher-privilege users. The root cause is improper input validation leading to directory listing exposure. Impact is limited to unauthorized...
Maccms arbitrary file deletion vulnerability
Maccms is a PHP-based film and television content management system CMS. Maccms has an arbitrary file deletion vulnerability in version 10, which stems from a network system or product that does not properly validate input data and can be exploited by an attacker to delete arbitrary files on the...
gcc-toolset-10-valgrind bug fix and enhancement update
GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. Bug fixes: incorrect pkgconfig virtual provides in devel packages BZ1968378 For instructions on usage, see Using GCC Toolset linked from th...
PT-2021-3865 · Typo3 · Typo3
Name of the Vulnerable Software and Affected Versions: TYPO3 versions 9.0.0 through 9.5.28 TYPO3 versions 10.0.0 through 10.4.17 TYPO3 versions 11.0.0 through 11.3.0 Description: The issue is related to the components QueryGenerator and QueryView in the TYPO3 content management system, which are...
CVE-2021-29742
IBM Security Verify Access Docker 10.0.0 could allow a user to impersonate another user on the system. IBM X-Force ID: 201483...
Google Android System Information Disclosure Vulnerability (CNVD-2021-52332)
Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. An information disclosure vulnerability exists in the System component of Google Android versions 8.1, 9, 10, and 11. No details of the vulnerability are provided a...
Cross site request forgery (csrf)
A flaw was found in Infinispan version 10, where it is possible to perform various actions that could have side effects using GET requests. This flaw allows an attacker to perform a cross-site request forgery CSRF attack...
PostgreSQL 9.6.x < 9.6.22, 10.x < 10.17, 11.x < 11.12, 12.x < 12.7, 13.x < 13.3 Multiple Vulnerabilities - Linux
PostgreSQL is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:postgresql:postgresql";...
PostgreSQL 9.6.x < 9.6.22 / 10.x < 10.17 / 11.x < 11.12 / 12.x < 12.7 / 13.x < 13.3 Multiple Vulnerabilities
The version of PostgreSQL installed on the remote host is 9.6 prior to 9.6.22, 10 prior to 10.17, 11 prior to 11.12, 12 prior to 12.7, or 13 prior to 13.3. As such, it is potentially affected by multiple vulnerabilities : - Buffer overrun from integer overflow in array subscripting calculations...
Solaris SunSSH 11.0 x86 - libpam Remote Root (2)
Exploit Title: Solaris SunSSH 11.0 x86 - libpam Remote Root 2 Original Exploit Author: Hacker Fantastic Metasploit Module Author: wvu Vendor Homepage: https://www.oracle.com/solaris/technologies/solaris10-overview.html Version: 10 Tested on: SunOS solaris 10 CVE: CVE-2020-14871 Ported By: legend...
Google Android System Information Disclosure Vulnerability (CNVD-2021-43412)
Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. An information disclosure vulnerability exists in the System component of Google Android version 10. No details of the vulnerability are provided at this time...
Google Android 安全漏洞
Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. An information disclosure vulnerability exists in the System component of Google Android versions 8.1, 9, 10, and 11. No details of the vulnerability are provided a...
Adobe Bridge 10.x < 10.0.4 Multiple Vulnerabilities (APSB20-19)
The version of Adobe Bridge installed on the remote macOS or Mac OS X host is prior to 10.0.4. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb20-19 advisory. - Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful...
CVE-2021-20016
A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote unauthenticated attacker to perform SQL query to access username password and other session related information. This vulnerability impacts SMA100 build version 10.x...
Sql injection
A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote unauthenticated attacker to perform SQL query to access username password and other session related information. This vulnerability impacts SMA100 build version 10.x...
CVE-2021-20016
A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote unauthenticated attacker to perform SQL query to access username password and other session related information. This vulnerability impacts SMA100 build version 10.x...
Zero-Day Vulnerability in SonicWall SMA 100 Series Version 10.x Products
CISA is aware of a vulnerability in SonicWall Secure Mobile Access SMA 100 series products. SMA 100 series products provide an organization’s employees with remote access to internal resources. SonicWall security and engineering teams have confirmed a zero-day vulnerability that was reported by a...