9 matches found
PT-2026-25681
A security flaw has been discovered in SSCMS 7.4.0. This vulnerability affects unknown code of the file SitesAddController.Submit.cs of the component DDL Handler. The manipulation of the argument tableHandWrite results in SQL injection. The attack can be executed remotely. The exploit has been...
SPIP referer_spam Security Vulnerability
SPIP refererspam is an extension plugin developed by the SPIP company. Versions of SPIP refererspam prior to 1.3.0 contained a security vulnerability. This vulnerability stemmed from the fact that the operations refererspamajouter and refererspamsupprimer directly inserted URL parameters into SQL...
Command Injection
Overview: agentc is the front-facing package for the Couchbase Agent Catalog project. Affected versions of this package are vulnerable to Command Injection due to unsafe use of subprocess.run when invoking the default system editor during the agentc add operation. The application directly execut...
Linux Distros Unpatched Vulnerability : CVE-2021-4150
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free flaw was found in the addpartition in block/partitions/core.c in the Linux kernel. A local attacker with user privileges could cause a denial o...
An approved operator of a CID NFT owner can steal any subprotocol NFTs from the CID NFT Owner and his other approved operators.
Vulnerability details. Impact: An approved operator of a CID NFT owner, if it becomes malicious or compromised, can steal any subprotocol NFTs from the CID NFT Owner and his other approved operators. This is possible because: after...
CVE-2022-32745
A flaw was found in Samba. Samba AD users can cause the server to access uninitialized data with an LDAP add or modify request, usually resulting in a segmentation fault...
389-ds-base: Information disclosure via repeated use of LDAP ADD operation
An information disclosure flaw was found in 389 Directory Server. A user with no access to objects in certain LDAP sub-tree could send LDAP ADD operations with a specific object name. The error message returned to the user was different based on whether the target object existed or not...
Smoothwall Express Cross-Site Scripting Vulnerability
Smoothwall Express is a set of routing and firewall software for Linux-based systems. The software provides routing, firewall, NAT, VPN, IDS, dynamic DNS, internal and external network access control, network traffic control and monitoring, as well as logging and other functions. A cross-site...
Patch 3 Release Notes for Veeam Backup & Replication 6.0.0.153
More Recent Version Available: Please find the latest version of Veeam Backup & Replication here: Veeam Downloads - Latest Version. Challenge: These are the issues resolved by Patch 3 for Veeam Backup version 6.0.0.153. All patches are cumulative so each below fix is contained in this patch...