
3627 matches found

Prion
added 2023/03/05 5:15 a.m. · 22 views

Format string

A vulnerability, which was classified as critical, was found in ayttm up to 0.5.0.89. This affects the function httpconnect in the library libproxy/proxy.c. The manipulation leads to format string. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The...

CVSS: 5.1 · AI score: 7.1 · EPSS: 0.00721
Exploits: 0 · References: 4 · Affected Software: 1

Schneier on Security
added 2023/03/02 12:5 p.m. · 22 views

Dumb Password Rules

Examples of dumb password rules. There are some pretty bad disasters out there. My worst experiences are with sites that have artificial complexity requirements that cause my personal password-generation systems to fail. Some of the systems on the list are even worse: when they fail they dont tel...

AI score: 2.5
Exploits: 0

OSV
added 2023/02/22 7:15 p.m. · 2 views

CVE-2023-0964

A vulnerability classified as critical has been found in SourceCodester Sales Tracker Management System 1.0. Affected is an unknown function of the file admin/products/viewproduct.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The...

CVSS: 8.1 · AI score: 5.4 · EPSS: 0.00494
Exploits: 0 · References: 2

Prion
added 2023/02/21 6:15 p.m. · 13 views

Information disclosure

UNSUPPORTED WHEN ASSIGNED A vulnerability was found in Codiad 2.8.0. It has been rated as problematic. Affected by this issue is the function saveJSON of the file components/install/process.php. The manipulation of the argument data leads to information disclosure. The attack may be launched...

CVSS: 5 · AI score: 7.3 · EPSS: 0.00676
Exploits: 0 · References: 5 · Affected Software: 1

NVD
added 2023/02/19 6:15 p.m. · 8 views

CVE-2016-15024

A vulnerability was found in doomsider shadow. It has been classified as problematic. Affected is an unknown function. The manipulation leads to denial of service. Attacking locally is a requirement. The complexity of an attack is rather high. The exploitability is told to be difficult. Continiou...

CVSS: 5.5 · AI score: 4.3 · EPSS: 0.00205
Exploits: 0 · References: 3

Prion
added 2023/02/19 6:15 p.m. · 10 views

Information disclosure

A vulnerability was found in doomsider shadow. It has been classified as problematic. Affected is an unknown function. The manipulation leads to denial of service. Attacking locally is a requirement. The complexity of an attack is rather high. The exploitability is told to be difficult. Continiou...

CVSS: 1.7 · AI score: 7 · EPSS: 0.00205
Exploits: 0 · References: 3 · Affected Software: 1

Cvelist
added 2023/02/19 6:0 p.m. · 11 views

CVE-2016-15024 doomsider shadow denial of service

A vulnerability was found in doomsider shadow. It has been classified as problematic. Affected is an unknown function. The manipulation leads to denial of service. Attacking locally is a requirement. The complexity of an attack is rather high. The exploitability is told to be difficult. Continiou...

CVSS: 2.5 · AI score: 5.5 · EPSS: 0.00205
Exploits: 0 · References: 3

Positive Technologies
added 2023/02/19 12:0 a.m. · 2 views

PT-2023-10343 · Unknown · Doomsider Shadow

Name of the Vulnerable Software and Affected Versions: doomsider shadow affected versions not specified Description: A vulnerability was found in doomsider shadow, classified as problematic, affecting an unknown function. The manipulation leads to denial of service, requiring a local attack. The...

CVSS: 5.5 · AI score: 6.9 · EPSS: 0.00205
Exploits: 0 · References: 7

Prion
added 2023/02/18 8:15 a.m. · 15 views

Sql injection

A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file edit-task.php. The manipulation of the argument taskid leads to sql injection. The attack can be initiated remotely. The complexit...

CVSS: 4.6 · AI score: 9 · EPSS: 0.0073
Exploits: 5 · References: 3 · Affected Software: 1

Vulnrichment
added 2023/02/18 7:35 a.m. · 4 views

CVE-2023-0903 SourceCodester Employee Task Management System edit-task.php sql injection

A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file edit-task.php. The manipulation of the argument taskid leads to sql injection. The attack can be initiated remotely. The complexit...

CVSS: 5 · AI score: 7.3 · EPSS: 0.0073
Exploits: 5 · References: 3

Cvelist
added 2023/02/18 7:35 a.m. · 42 views

CVE-2023-0903 SourceCodester Employee Task Management System edit-task.php sql injection

A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file edit-task.php. The manipulation of the argument taskid leads to sql injection. The attack can be initiated remotely. The complexit...

CVSS: 5 · AI score: 9.2 · EPSS: 0.0073
Exploits: 5 · References: 3

OSV
added 2023/02/17 9:15 a.m. · 2 views

CVE-2023-0887

A vulnerability was found in phjounin TFTPD64-SE 4.64 and classified as critical. This issue affects some unknown processing of the file tftpd64svc.exe. The manipulation leads to unquoted search path. An attack has to be approached locally. The complexity of an attack is rather high. The...

CVSS: 7.8 · AI score: 6.3 · EPSS: 0.00197
Exploits: 0 · References: 2

Prion
added 2023/02/17 9:15 a.m. · 17 views

Design/Logic Flaw

A vulnerability was found in phjounin TFTPD64-SE 4.64 and classified as critical. This issue affects some unknown processing of the file tftpd64svc.exe. The manipulation leads to unquoted search path. An attack has to be approached locally. The complexity of an attack is rather high. The...

CVSS: 6 · AI score: 7.6 · EPSS: 0.00197
Exploits: 0 · References: 2 · Affected Software: 1

CVE
added 2023/02/17 8:20 a.m. · 62 views

CVE-2023-0887

CVE-2023-0887 affects phjounin TFTPD64-SE 4.64, exploiting the tftpd64_svc.exe component via an unquoted search path. The issue is exploitable only locally, with attack complexity reported as high and required privileges low; user interaction is none, and the impact is described as high for confi...

CVSS: 7.8 · AI score: 7.3 · EPSS: 0.00197
Exploits: 0 · References: 2 · Affected Software: 1

SUSE CVE
added 2023/02/15 6:9 a.m. · 4 views

SUSE CVE-2007-6523

Algorithmic complexity vulnerability in Opera 9.50 beta and 9.x before 9.25 allows remote attackers to cause a denial of service CPU consumption via a crafted bitmap BMP file that triggers a large number of calculations and checks...

CVSS: 7.8 · AI score: 6.6 · EPSS: 0.02055
Exploits: 1 · References: 4

SUSE CVE
added 2023/02/15 5:47 a.m. · 2 views

SUSE CVE-2012-2098

Algorithmic complexity vulnerability in the sorting algorithms in bzip2 compressing stream BZip2CompressorOutputStream in Apache Commons Compress before 1.4.1 allows remote attackers to cause a denial of service CPU consumption via a file with many repeating inputs...

CVSS: 5 · AI score: 8.8 · EPSS: 0.12508
Exploits: 1 · References: 5

SUSE CVE
added 2023/02/15 5:36 a.m. · 2 views

SUSE CVE-2013-4185

Algorithmic complexity vulnerability in OpenStack Compute Nova before 2013.1.3 and Havana before havana-3 does not properly handle network source security group policy updates, which allows remote authenticated users to cause a denial of service nova-network consumption via a large number of...

CVSS: 4 · AI score: 6.2 · EPSS: 0.02087
Exploits: 1 · References: 4

SUSE CVE
added 2023/02/15 4:26 a.m. · 3 views

SUSE CVE-2018-12558

The parse method in the Email::Address module through 1.909 for Perl is vulnerable to Algorithmic complexity on specially prepared input, leading to Denial of Service. Prepared special input that caused this problem contained 30 form-field characters "\f"...

CVSS: 7.5 · AI score: 7.4 · EPSS: 0.0265
Exploits: 0 · References: 4

SUSE CVE
added 2023/02/15 4:9 a.m. · 2 views

SUSE CVE-2019-14833

A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for passwo...

CVSS: 4.2 · AI score: 8.9 · EPSS: 0.02084
Exploits: 0 · References: 8

SUSE CVE
added 2023/02/15 4:2 a.m. · 3 views

SUSE CVE-2020-6817

bleach.clean behavior parsing style attributes could result in a regular expression denial of service ReDoS. Calls to bleach.clean with an allowed tag with an allowed style attribute are vulnerable to ReDoS. For example, bleach.clean..., attributes='a': 'style'...

CVSS: 7.5 · AI score: 6.8 · EPSS: 0.00718
Exploits: 1 · References: 5