24 matches found
EUVD-2006-3473
Malware in sbrugna...
EUVD-2022-47972
Malicious code in bioql PyPI...
EUVD-2022-7180
Malicious code in bioql PyPI...
CVE-2022-30429
Multiple cross-site scripting (XSS) vulnerabilities in Neos CMS allow attackers with the editor role or higher to inject arbitrary script or HTML code using the editor function, the deletion of assets, or a workspace title. The vulnerabilities were found in versions 3.3.29 and 8.0.1 and could also ...
CVE-2020-35698
Thinkific Online Course Creation Platform 1.0 is affected by: Cross Site Scripting (XSS). The impact is: execute arbitrary code (remote). The component is: Affected source code of the website CMS, which is used by many to host their online courses using the Thinkific Platform. The attac...
PT-2023-26702 · Jizhicms · Jizhicms
Name of the Vulnerable Software and Affected Versions: jizhi CMS version 1.9.5. Description: The issue concerns an arbitrary file download vulnerability in the /c/PluginsController.php component. This vulnerability allows attackers to execute arbitrary code via downloading a crafted plugin...
Debian: Security Advisory (DLA-247-1)
The remote host is missing an update for the Debian...
CVE-2021-32650 Arbitrary code execution in october/system
October CMS is a self-hosted content management system (CMS) platform based on the Laravel PHP Framework. Prior to versions 1.0.473 and 1.1.6, an attacker with access to the backend is able to execute PHP code by using the theme import feature. This will bypass the safe mode feature that prevents P...
Code injection
Frog CMS 0.9.5 allows PHP code execution via <?php to the admin/?/layout/edit/1 URI...
OpenJDK: OOB access in CMS code (2D, 8086092)
Unspecified vulnerability in Oracle Java SE 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via unknown vectors related to 2D...
OpenSSL Multiple Vulnerabilities (20150611 - 2) - Windows
OpenSSL is prone to multiple vulnerabilities.
Multiple Security vulnerabilities in AIX OpenSSL
IBM SECURITY ADVISORY First Issued: Wed Jul 15 00:20:05 CDT 2015 | Updated: Wed Aug 12 05:13:23 CDT 2015 | Update: A new ifix for Power8 machines having OpenSSL v1.0.1.514 has been added | Update: "A. FIXES" section. The most recent version of this document is available here:...
OpenSSL 1.0.1 < 1.0.1n / 1.0.2 < 1.0.2b Multiple Vulnerabilities (Logjam)
Binary data 8790.prm...
Updated openssl package fixes security vulnerabilities
A vulnerability in the TLS protocol allows a man-in-the-middle attacker to downgrade vulnerable TLS connections using ephemeral Diffie-Hellman key exchange to 512-bit export-grade cryptography. This vulnerability is known as Logjam (CVE-2015-4000). When processing an ECParameters structure OpenSSL...
DSA-3287-1 openssl - security update
Bulletin has no description...