Lucene search
K

148 matches found

Tenable Nessus
Tenable Nessus
added 2020/02/20 12:0 a.m.36 views

SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2020:0411-1)

This update for ImageMagick fixes the following issues : Security issue fixed : CVE-2019-19948: Fixed a heap-based buffer overflow in WriteSGIImage bsc1159861. CVE-2019-19949: Fixed a heap-based buffer over-read in WritePNGImage bsc1160369. Non-security issue fixed: Fixed an issue where convertin...

9.8CVSS8.4AI score0.03678EPSS
Exploits1References8
NVD
NVD
added 2020/02/13 7:15 p.m.14 views

CVE-2014-4198

A Two-Factor Authentication Bypass Vulnerability exists in BS-Client Private Client 2.4 and 2.5 via an XML request that neglects the use of ADPswID and AD parameters, which could let a malicious user access privileged function...

9.1CVSS9.1AI score0.01297EPSS
Exploits1References1
Prion
Prion
added 2020/02/13 7:15 p.m.13 views

Authentication flaw

A Two-Factor Authentication Bypass Vulnerability exists in BS-Client Private Client 2.4 and 2.5 via an XML request that neglects the use of ADPswID and AD parameters, which could let a malicious user access privileged function...

6.4CVSS7AI score0.01297EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/02/13 6:28 p.m.20 views

CVE-2014-4198

A Two-Factor Authentication Bypass Vulnerability exists in BS-Client Private Client 2.4 and 2.5 via an XML request that neglects the use of ADPswID and AD parameters, which could let a malicious user access privileged function...

9.2AI score0.01297EPSS
Exploits1References1
CVE
CVE
added 2020/02/13 6:28 p.m.48 views

CVE-2014-4198

The vulnerability CVE-2014-4198 affects BS-Client Private Client, versions 2.4 and 2.5. A flaw in the authentication flow allows a two-factor bypass via an XML request that omits ADPswID and AD parameters, enabling a malicious user to access privileged functions. Root cause stated as improper han...

9.1CVSS8.9AI score0.01297EPSS
Exploits1References1Affected Software1
Openbugbounty
Openbugbounty
added 2020/01/27 3:43 a.m.12 views

bs-citysued.de Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1075707 Security Researcher geeknik Helped patch 8722 vulnerabilities Received 8 Coordinated Disclosure badges Received 20 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting bs-citysued.de website and...

0.2AI score
Exploits0
NVD
NVD
added 2020/01/03 8:15 p.m.13 views

CVE-2014-4196

Cross-site scripting XSS vulnerability in bsi.dll in Bank Soft Systems BSS RBS BS-Client 3.17.9 allows remote attackers to inject arbitrary web script or HTML via the colorstyle parameter...

6.1CVSS6.1AI score0.00806EPSS
Exploits1References1
NVD
NVD
added 2020/01/03 8:15 p.m.12 views

CVE-2014-10398

Multiple cross-site scripting XSS vulnerabilities in bsi.dll in Bank Soft Systems BSS RBS BS-Client. Private Client aka RBS BS-Client. Retail Client 2.5, 2.4, and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 DICTIONARY, 2 FILTERIDENT, 3 FROMSCHEME, 4 FromPoint, ...

6.1CVSS6.1AI score0.00806EPSS
Exploits1References1
Prion
Prion
added 2020/01/03 8:15 p.m.14 views

Cross site scripting

Cross-site scripting XSS vulnerability in bsi.dll in Bank Soft Systems BSS RBS BS-Client 3.17.9 allows remote attackers to inject arbitrary web script or HTML via the colorstyle parameter...

4.3CVSS6.1AI score0.00806EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2020/01/03 7:40 p.m.160 views

CVE-2014-10398

The CVE-2014-10398 entry describes multiple XSS vulnerabilities in Bank Soft Systems (BSS) RBS BS-Client’s bsi.dll (Private Client/ Retail Client, versions 2.5, 2.4 and earlier). The issue allows remote attackers to inject arbitrary script/HTML via parameters DICTIONARY, FILTERIDENT, FROMSCHEME, ...

6.1CVSS6AI score0.00806EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/01/03 7:40 p.m.19 views

CVE-2014-4196

Cross-site scripting XSS vulnerability in bsi.dll in Bank Soft Systems BSS RBS BS-Client 3.17.9 allows remote attackers to inject arbitrary web script or HTML via the colorstyle parameter...

6.1AI score0.00806EPSS
Exploits1References1
CVE
CVE
added 2020/01/03 7:40 p.m.148 views

CVE-2014-4196

The CVE-2014-4196 entry describes an XSS vulnerability in Bank Soft Systems (BSS) RBS BS-Client 3.17.9, exploitable via the colorstyle parameter in bsi.dll. The impact is as described by the NVD entry; no exploit code or in-the-wild details are provided in the connected documents. Remediation det...

6.1CVSS6AI score0.00806EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2019/12/31 12:0 a.m.4 views

GPAC Code Issue Vulnerability

GPAC is an open source multimedia framework. A code issue vulnerability exists in the 'gfodfavccfgwritebs' function in the odf/descriptors.c file in GPAC versions 0.8.0 and 0.9.0-development-20191109. The vulnerability stems from an improperly designed or implemented code development process for ...

5.5CVSS7.2AI score0.00865EPSS
Exploits1References1
NVD
NVD
added 2019/07/10 10:15 p.m.18 views

CVE-2019-13489

Trape through 2019-05-08 has SQL injection via the data2 variable in core/db.py, as demonstrated by the /bs t parameter...

9.8CVSS9.9AI score0.01432EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/07/10 9:18 p.m.18 views

CVE-2019-13489

Trape through 2019-05-08 has SQL injection via the data2 variable in core/db.py, as demonstrated by the /bs t parameter...

9.9AI score0.01432EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/06/24 12:0 a.m.26 views

SUSE SLED15 / SLES15 Security Update : Recommended update for evince (SUSE-SU-2019:1648-1)

This update for evince provides the following fixes : Security issue fixed : CVE-2019-11459: Fixed an improper error handling in which could have led to use of unitialized use of memory bsc1133037. Other issue addressed: Removed Supplements from psdocument package, so that it isn't pulled in by...

5.5CVSS6.3AI score0.01443EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2018/12/19 12:0 a.m.3 views

PT-2023-1156 · Gpac +2 · Gpac +2

Name of the Vulnerable Software and Affected Versions: gpac/gpac versions prior to 2.3.0-DEV Description: The issue is related to a Use After Free condition in the gpac/gpac multimedia platform, specifically concerning the gf odf vvc cfg read bs function. This condition involves the use of memory...

9.8CVSS7.9AI score0.04615EPSS
Exploits93References239
Positive Technologies
Positive Technologies
added 2018/12/19 12:0 a.m.3 views

PT-2023-15160 · Unknown +1 · Gpac Mp4Box +1

Name of the Vulnerable Software and Affected Versions: GPAC MP4box version 2.1-DEV-rev574-g9d5bb184b Description: The issue is related to a buffer overflow in the gf vvc read pps bs internal function, located in the media tools/av parsers.c file. Recommendations: For GPAC MP4box version...

9.8CVSS7.8AI score0.04615EPSS
Exploits93References232
Positive Technologies
Positive Technologies
added 2018/12/19 12:0 a.m.8 views

PT-2023-15455 · Unknown +1 · Gpac Mp4Box +1

Name of the Vulnerable Software and Affected Versions: GPAC MP4box version 2.1-DEV-rev644-g5c4df2a67 Description: The issue is related to a Buffer Overflow in the gf bs read data function. No information is provided about the estimated number of potentially affected devices worldwide or real-worl...

9.8CVSS7.4AI score0.04615EPSS
Exploits150References372
CNVD
CNVD
added 2018/03/15 12:0 a.m.4 views

open build service information disclosure vulnerability

The open build service is a general-purpose system for building and distributing packages from source code in an automated, consistent and repeatable manner. A security vulnerability exists in the bsworker code in versions of open build service prior to 20170320. An attacker can exploit the...

7.5CVSS6.9AI score0.01167EPSS
Exploits0References1
Rows per page
Query Builder