11 matches found
MAL-2025-9850 Malicious code in @zalastax/nolb-_cer (npm)
The package @zalastax/nolb-cer was found to contain malicious code...
Cisco Emergency Responder Static Credentials (cisco-sa-cer-priv-esc-B9t3hqk9)
According to its self-reported version, Cisco Emergency Responder Static Credentials is affected by a vulnerability. Please see the included Cisco BIDs and Cisco Security Advisory for more information. TRUSTED...
GHSA-6JMW-6MXW-W4JC BER/CER/DER decoder panics on invalid input
NLnet Labs’ bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding...
CVE-2023-39914 BER/CER/DER decoder panics on invalid input
NLnet Labs' bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding...
RUSTSEC-2023-0062 BER/CER/DER decoder panics on invalid input
Due to insufficient checking of input data, decoding certain data sequences can lead to bcder panicking rather than returning an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding. bcder 0.7.3 fixes these issues by more...
cer-reseau.com Cross Site Scripting vulnerability OBB-3358287
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
cer-llp.kz Cross Site Scripting vulnerability OBB-3277284
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
cer-reseau.com Cross Site Scripting vulnerability OBB-1319867
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
High version square academic system: upload suffix filter is not strict, so a webshell can be uploaded directly - vulnerability warning - the black bar safety net
The older version has a file upload vulnerability in a plug-in, but the new version does not have this plug-in. This vulnerability is caused by a filter that is not strict, and a webshell can be uploaded directly to escalate privileges, because the code in the DLL, the country most of the...
siteserver cms 3.4.5 tasteless vulnerabilities and fixes-vulnerability warning-the black bar safety net
This vulnerability is very similar in approach to the original vulnerability! To meet the two conditions of the system open up IIS6 Register account - the document attachment management - Upload File we create a new layer directory of course before is can be established. The asp directory in t...
Use the IIS semicolon parsing upload vulnerability analysis-vulnerability warning-the black bar safety net
First, look at the following very common file upload extension filter code: fileExt=lcase(ofile.FileExt) arrUpFileType=split(UpFileType,"|") for i=0 to ubound(arrUpFileType) if fileEXT=trim(arrUpFileType(i)) then EnableUpload=true exit for end if next if fileEXT="asp" or fileEXT="asa" or fileEXT="aspx" o...