232 matches found
CVE-2019-11886
The WaspThemes Visual CSS Style Editor aka yellow-pencil-visual-theme-customizer plugin before 7.2.1 for WordPress allows ypoptionupdate CSRF, as demonstrated by use of ypremoteget to obtain admin access...
GHSA-F9HV-MG5H-XCW9 Deserialization of Untrusted Data in jackson-databind due to polymorphic deserialization
FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization...
Information Disclosure
hawtio-system is vulnerable to an information disclosure. The library displays the entire stack trace when it runs into an exception in accessing a non-existent directory, allowing a malicious user to gather sensitive information from it...
CVE-2017-7831
A vulnerability where the security wrapper does not deny access to some exposed properties using the deprecated "exposedProps" mechanism on proxy objects. These properties should be explicitly unavailable to proxy objects. This vulnerability affects Firefox 57...
CVE-2017-12525
A Remote Code Execution vulnerability in HPE Intelligent Management Center iMC PLAT version PLAT 7.3 E0504 was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 E0506 or any subsequent version...
CVE-2017-3112
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is part of AdobePSDK metadata. The use of an invalid out-of-range pointer offset during...
library.tc.columbia.edu Open Redirect vulnerability
Vulnerable URL: http://library.tc.columbia.edu/logandgo.php?url=http://openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 19.12.2017 Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP websi...
Privilege Escalation
devisesecurityextension is vulnerable to privilege escalation. The library accepts changes to the user parameters when a user is updating their expired passwords, a malicious user can pass the parameter of admin=true to escalate themselves to admin level privilege...
CVE-2016-1000154
Reflected XSS in wordpress plugin whizz v1.0.7...
Fedora Update for ldns FEDORA-2011-13929
Check for the Version of ldns OpenVAS Vulnerability Test Fedora Update for ldns FEDORA-2011-13929 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
Ubuntu Update for gimp vulnerability USN-480-1
Ubuntu Update for Linux kernel vulnerabilities USN-480-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4801.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for gimp vulnerability USN-480-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...
Дырка в gtk+ (GTK_MODULES)
Пользователь может указать расположение библиотек через переменную GTKMODULES...