4 matches found
AZL-55664 CVE-2024-12085 affecting package rsync for versions less than 3.4.1-1
A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length s2length to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time...
cxf: XSS via the styleSheetPath
By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting XSS attack via the styleSheetPath, which allows a malicious actor to inject javascript into the web page. This...
Zammad 代码问题漏洞
Zammad is a Web-based open source helpdesk/customer support system. An information disclosure vulnerability exists in Zammad versions prior to 3.4.1. The vulnerability stems from the way Massenversand's implementation of the SMS configuration interface presents the results of test requests to the...
CVE-2016-10898
The total-security plugin before 3.4.1 for WordPress has XSS...