EUVD-2021-27832
Malicious code in bioql PyPI...
GitHub: [PATs] Token with Read-Only permissions on Issues able to modify issue comments using content write permission
An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed issue comments to be updated with an improperly scoped token...
AZL-10736 CVE-2022-32742 affecting package samba 4.12.5-7
A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing server memory contents to be written into the file or printer instead of client-supplied data. The client cannot control the area of the...
CVE-2021-40658
Textpattern 4.8.7 is affected by an HTML injection vulnerability through “ContentWriteBody”...
Design/Logic Flaw
Textpattern 4.8.7 is affected by an HTML injection vulnerability through “ContentWriteBody”...
CVE-2021-40658
Textpattern 4.8.7 is affected by an HTML injection vulnerability in the Body field of Content>Write>Body. The vulnerability is described as an HTML injection issue in Textpattern CMS.
PT-2022-11293 · Unknown · Textpattern
Name of the Vulnerable Software and Affected Versions: Textpattern version 4.8.7 Description: The issue is related to an HTML injection vulnerability. It can be exploited through the "ContentWriteBody" section. Recommendations: For version 4.8.7, consider restricting access to the "ContentWriteBod...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1234)
The remote host is missing an update for the Huawei EulerOS...
Design/Logic Flaw
An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. An attacker can write arbitrary content to arbitrary files, as demonstrated by CVE-2019-19458 files under the web root, or .bat files that will be used with auto start. This allows an attacker to execute arbitrary commands on the server...
CVE-2019-19459
The SALTO ProAccess SPACE 5.4.3.0 vulnerability set includes CVE-2019-19458 (Directory Traversal in Data Export) and CVE-2019-19459 (arbitrary file write). The root cause is the ability to write arbitrary content to arbitrary files, enabling potential command execution. The web server runs as a W...
EulerOS Virtualization 2.5.3 : kernel (EulerOS-SA-2019-1259)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allo...