GitHub Enterprise Server 安全漏洞

GitHub Enterprise Server is an open-source application developed by GitHub in the United States. It provides a scalable and easy-to-manage platform by allowing users to set their GitHub instances as virtual devices. Prior to version 3.21 of GitHub Enterprise Server, there was a security...

MiracleLinux 7 : nspr-4.11.0-1.el7, nss-softokn-3.16.2.3-14.2.el7, nss-3.21.0-9.el7, nss-util-3.21.0-2.2.el7 (AXSA:2016-217:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-217:01 advisory. nspr NSPR provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal fi...

EUVD-2025-197960

The Photonic Gallery & Lightbox for Flickr, SmugMug & Others plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's lightbox functionality in all versions up to, and including, 3.21 due to insufficient input sanitization and output escaping on user supplied caption...

EUVD-2016-3027

Malware in sbrugna...

LG Simple Editor Remote Code Execution Exploit

This Metasploit module exploits broken access control and directory traversal vulnerabilities in LG Simple Editor software for gaining code execution. The vulnerabilities exist in versions of LG Simple Editor prior to v3.21. By exploiting this flaw, an attacker can upload and execute a malicious...

LG Simple Editor Remote Code Execution

This Metasploit module exploits broken access control and directory traversal vulnerabilities in LG Simple Editor software for gaining code execution. The vulnerabilities exist in versions of LG Simple Editor prior to v3.21. By exploiting this flaw, an attacker can upload and execute a malicious...

PT-2023-9947 · Bestwebsoft · Bestwebsoft Contact Form

Name of the Vulnerable Software and Affected Versions: BestWebSoft Contact Form version 3.21 Description: A vulnerability was found in the function cntctfrm settings page of the file contact form.php, leading to cross-site request forgery. The attack can be initiated remotely. Recommendations: Fo...

PT-2016-7536 · Mozilla +4 · Nss +4

Name of the Vulnerable Software and Affected Versions: NSS versions 3.21.x Description: A flaw was found in the Diffie Hellman Client key exchange handling, making it vulnerable to a small subgroup confinement attack. This allows an attacker to recover private keys by confining the client DH key ...

Ubuntu: Security Advisory (USN-2903-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

isaa-2007-004.txt

============================================= INTERNET SECURITY AUDITORS ALERT 2007-004 - Original release date: November 7th, 2007 - Last revised: December 7th, 2007 - Discovered by: Jesus Olmos Gonzalez - Severity: 4/5 ============================================= I. VULNERABILITY...

PT-2005-2162 · Calendarscript · Calendarscript

Name of the Vulnerable Software and Affected Versions: CalendarScript version 3.21 Description: A cross-site scripting XSS issue exists in the login command of calendar.pl, allowing remote attackers to inject arbitrary web script or HTML via the username parameter. Recommendations: For...

Conexant Access Runner DSL Console login bypass vulnerability

A vulnerability has been discovered in the Conexant Access Runner DSL Console Port 3.21. This vulnerability will let a remote attacker bypass the login screen and have full admin rights even if admin password is set. The login bypass works in the following way: When at login screen you may press...

conexant.txt

From: Chris Norton To: [email protected] Subject: Conexant Access Runner DSL Console login bypass vulnerability A vulnerability has been discovered in the Conexant Access Runner DSL Console Port 3.21. This vulnerability will let a remote attacker bypass the login screen and have full admi...