Lucene search
K

6 matches found

CNNVD
CNNVD
added 2023/11/09 12:0 a.m.3 views

Apereo CAS Authorization Issues Vulnerability

Apereo CAS is a web-based enterprise multilingual single sign-on solution. A security vulnerability exists in Apereo CAS 7.0.0-RC7 and earlier versions, which originates in the jakarta.servlet.http.HttpServletRequest.getRemoteAddr method that allows bypassing multiple authentications...

9.8CVSS6.8AI score0.00941EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/12/27 12:0 a.m.6 views

SOCKS5 Proxy Package for Go 安全漏洞

SOCKS5 Proxy Package for Go is an open source SOCKS5 proxy library for Go by Bitcoin in Go. SOCKS5 Proxy Package for Go suffers from a security vulnerability that stems from the fact that the RemoteAddr and LocalAddr methods on the returned net.Conn may call themselves, leading to an infinite loo...

7.5CVSS7.4AI score0.00782EPSS
Exploits0References3
CNVD
CNVD
added 2018/10/17 12:0 a.m.5 views

Foxit Reader and Foxit PhantomPDF for Windows Memory Misreference Vulnerability (CNVD-2018-23732)

Foxit Reader for Windows is a Windows-based PDF document reader from China's Foxit Foxit Software Corporation.Foxit PhantomPDF for Windows is its commercial version. A memory misreference vulnerability exists in the handling of the gotoURL method of the host object in Foxit Reader 9.2.0.9297 and...

8.8CVSS8.8AI score0.03918EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/11 12:0 a.m.2 views

SQL Injection Vulnerability in Hanchao B2B2C Multi-User Mall System

Hanchao B2B2C multi-user mall system is a PHP multi-user mall website system source code developed in PHP + MySQL. Hanchao B2B2C Multi-User Mall System v2.1.3 SQL injection vulnerability exists in the address and index methods, due to the system fails to filter user-supplied parameters. An attack...

8.1AI score
Exploits0
CNVD
CNVD
added 2017/06/26 12:0 a.m.2 views

SQL Injection Vulnerability in add_address Method of ShopSn V2.0 Mall System

ShopsN Mall system is a product of Shanghai Yiso Network Technology Co., Ltd, an enterprise-class commercial standard full-featured allow free commercial use of open source online store full network system. A SQL injection vulnerability exists in the userid parameter in the addaddress method of t...

7.6AI score
Exploits0
ThreatPost
ThreatPost
added 2011/11/16 4:58 p.m.20 views

Microsoft Now Using IP Address to Map Malware Infections

Microsoft has a new way of determining the geolocation of systems infected with malware, and it had subtle but relevant effects on the 11th volume of the Microsoft Security Intelligence Report. It’s a novel concept, instead of relying on an administrator-specified setting that anyone with hands a...

7AI score
Exploits0References2
Rows per page
Query Builder