CVE-2021-26475
EPrints 3.4.2 exposes a reflected XSS opportunity via a cgi/cal URI...
CVE-2021-26476
EPrints 3.4.2 allows remote attackers to execute OS commands via crafted LaTeX input to a cgi/cal?year= URI...
CVE-2021-26702
EPrints 3.4.2 exposes a reflected XSS opportunity in the dataset parameter to the cgi/datasetdictionary URI...
EPrints Cross-Site Scripting Vulnerability
EPrints is a free open source software package for building open access repositories compliant with the OAI-PMH protocol. A reflected cross-site scripting vulnerability exists in the year parameter of the cgi/cal URI in EPrints 3.4.2. No vulnerability details are provided at this time...
EPrints Security Vulnerability
EPrints is a free open source software package for building open access repositories compliant with the OAI-PMH protocol. EPrints 3.4.2 suffers from a command injection vulnerability. A remote attacker can exploit this vulnerability by entering specially crafted data into the cgi/cal?year= URI to...
D-Link DAP-2020 webproc getpage Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 Wi-Fi access points. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of CGI scripts. When parsing the getpage...
D-Link DAP-2020 WEB_CmdFileList Command Injection Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 Wi-Fi access points. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of CGI scripts. The issue results from the...
D-Link DAP-2020 errorpage External Control of File Name Information Disclosure Vulnerability
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-2020 Wi-Fi access points. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of CGI scripts. When parsing the...
Updated privoxy package fixes security vulnerabilities
Fixed a memory leak when decompression fails "unexpectedly". CVE-2021-20216 Prevent an assertion from getting triggered by a crafted CGI request. CVE-2021-20217...
CVE-2021-27403
Askey RTF8115VW BRSVg11.11RTFTEF001V6.54V014 devices allow cgi-bin/teaccesorouter.cgi curWebPage XSS...
CVE-2021-27403
CVE-2021-27403 affects Asus Askey routers: specifically the RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014 family. The vulnerability is a cross-site scripting (XSS) in the web interface, exposed via cgi-bin/te_acceso_router.cgi with curWebPage context. Public descriptions consistently state that th...
Webmin < 1.970 Multiple Vulnerabilities
According to its self-reported version, the version of Webmin running on the remote host may be affected by multiple vulnerabilities, including the following: - Arbitrary command execution can occur in Webmin through 1.962. Any user authorized for the Package Updates module can execute arbitrary...
OPENSUSE-SU-2021:0279-1 Security update for privoxy
This update for privoxy fixes the following issues: - Update to version 3.0.31: - Security/Reliability boo1181650 - Prevent an assertion from getting triggered by a crafted CGI request. Commit 5bba5b89193fa. OVE-20210130-0001. CVE-2021-20217 Reported by: Joshua Rogers Opera - Fixed a memory leak...
Security update for privoxy (moderate)
openSUSE Security Update: Security update for privoxy Announcement ID: openSUSE-SU-2021:0279-1 Rating: moderate References: 1181650 Cross-References: CVE-2021-20216 CVE-2021-20217 Affected Products: openSUSE Backports SLE-15-SP2 An update that fixes two vulnerabilities is now available...
Fedora 32 : privoxy (2021-f08e89a0d5)
The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-f08e89a0d5 advisory. - A flaw was found in Privoxy in versions before 3.0.31. A memory leak that occurs when decompression fails unexpectedly may lead to a denial of...
Fedora 33 : privoxy (2021-6fe9346693)
The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-6fe9346693 advisory. - A flaw was found in Privoxy in versions before 3.0.31. A memory leak that occurs when decompression fails unexpectedly may lead to a denial of...
CVE-2021-25139
A potential security vulnerability has been identified in the HPE Moonshot Provisioning Manager v1.20. The HPE Moonshot Provisioning Manager is an application that is installed in a VMware or Microsoft Hyper-V environment that is used to set up and configure an HPE Moonshot 1500 chassis. This...
OPENSUSE-SU-2021:0265-1 Security update for privoxy
This update for privoxy fixes the following issues: - Update to version 3.0.31: - Security/Reliability boo1181650 - Prevent an assertion from getting triggered by a crafted CGI request. Commit 5bba5b89193fa. OVE-20210130-0001. CVE-2021-20217 Reported by: Joshua Rogers Opera - Fixed a memory leak...
Privoxy Security Vulnerability
Privoxy is a proxy server from the Privoxy team in the USA that does not cache web pages and comes with its own filtering features. It has advanced filtering features to enhance privacy, modify web data and HTTP headers, control access and remove advertisements and other annoying Internet...