21 matches found
EUVD-2025-202692
Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via triggers. An attacker can embed triggers (e.g., JavaScript) in a PDF document that execute during the signing process. When a signer reviews the document, the content appears normal. However, once the signature is applied, the...
PT-2025-50624
Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via triggers. An attacker can embed triggers (e.g., JavaScript) in a PDF document that execute during the signing process. When a signer reviews the document, the content appears normal. However, once the signature is applied, the...
EUVD-2021-23441
Malware in sbrugna...
EUVD-2024-16748
Malicious code in bioql PyPI...
CVE-2024-31857
Forminator prior to 1.15.4 contains a cross-site scripting vulnerability. If this vulnerability is exploited, a remote attacker may obtain user information etc. and alter the page contents on the user's web browser...
CVE-2024-45269
The WordPress plugin "Carousel Slider" provided by Sayful Islam contains a cross-site request forgery vulnerability in the Carousel image selection feature. While logged in to the WordPress site with the Carousel Slider plugin enabled, accessing a crafted page may cause a user to alter the contents of the...
CVE-2019-16391
SPIP before 3.1.11 and 3.2 before 3.2.5 allows authenticated visitors to modify any published content and execute other modifications in the database. This is related to ecrire/inc/meta.php and ecrire/inc/securiseraction.php...
CVE-2024-0971
A SQL injection vulnerability exists where an authenticated, low-privileged remote attacker could potentially alter scan DB content...
CVE-2022-46660
An unauthorized user could alter or write files with full control over the path and content of the file...
Fortinet FortiMail Encryption Issue Vulnerability
Fortinet FortiMail is a suite of email security gateway products from Fortinet, Inc. Fortinet FortiMail is vulnerable to an encryption issue that could be exploited by a remote attacker with a valid session cookie to decrypt it and display or alter its content...
CVE-2016-7074
An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 4.0.4, allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insufficient validation of TSIG signatures. A missing check that the TSIG record is the last one, leadi...
Input validation
An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 4.0.4, allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insufficient validation of TSIG signatures. A missing check that the TSIG record is the last one, leadi...
CVE-2016-7073
An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 4.0.4, allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insufficient validation of TSIG signatures. A missing check of the TSIG time and fudge values was found...
CVE-2016-7074
CVE-2016-7074 affects PowerDNS (authoritative server and recursor): insufficient TSIG validation allows MITM to alter AXFR content due to missing check that the TSIG record is last, enabling parsing of records outside the TSIG scope. Affected: PowerDNS versions before 3.4.11/4.0.2 and recursor be...
CVE-2017-15092
A cross-site scripting issue has been found in the web interface of PowerDNS Recursor from 4.0.0 up to and including 4.0.6, where the qname of DNS queries was displayed without any escaping, allowing a remote attacker to inject HTML and JavaScript code into the web interface, altering the content...
Unspecified Vulnerability in Mozilla Thunderbird
Mozilla Thunderbird is a standalone e-mail client developed by the US-based Mozilla Foundation from the Mozilla Application Suite. It supports the IMAP and POP mail protocols and the HTML mail format. A security vulnerability exists in Mozilla Thunderbird versions prior to 52.5.2. An attacke...
A peculiar way of planting web trojans - vulnerability warning - the black bar safety net
I did not write this article to teach you how to go and plant web trojans; planting trojans is not right! However, sometimes you really want to do something that makes people happy, because I have come across a lot of administrators: you talk to him to convince him the server has a problem! He does not believe,...
Sambar Server Default Accounts
The Sambar web server comes with some default accounts. It is possible to log in as some of them without a password. An attacker may use this flaw to alter the content of this server. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(11493); script_version("1.18");...