EUVD-2022-41818

Malicious code in bioql PyPI...

Fedora 36 : nextcloud (2022-902df3b060)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-902df3b060 advisory. Security fix for CVE-2022-39346 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

CVE-2022-39346

CVE-2022-39346 affects Nextcloud Server. Affected versions did not properly limit user display names, which could allow a malicious user to overload the backing database and trigger a denial of service. OpenSUSE advisory confirms the issue and attributes exploitation to missing length validation ...

in jspark311/buriedunderthenoisefloor

Description Uploaded files represent a significant risk to applications. The first step in many attacks is to get some code to the system to be attacked. Then the attack only needs to find a way to get the code executed. https://github.com/jspark311/BuriedUnderTheNoiseFloor/ is vulnerable to remo...

MediaWiki GlobalNewFiles 资源管理错误漏洞

GlobalNewFiles is an extension of the MediaWiki Foundation that provides a special page to view all files of a wiki farm globally. GlobalNewFiles suffers from a Resource Management Error vulnerability that stems from the fact that all existing versions of GlobalNewFiles are affected by an...

BSS Continuity CMS Denial of Service Vulnerability

BSS Continuity CMS is a content management system CMS from BSS UK. A denial of service vulnerability exists in BSS Continuity CMS version 4.2.22640.0. An attacker can exploit this vulnerability to cause the underlying database to run with an overload...

CVE-2014-3447 - Remote Denial Of Service in BSS Continuity CMS

Vulnerability title: Remote Denial Of Service in BSS Continuity CMS CVE: CVE-2014-3447 Vendor: BSS Product: Continuity CMS Affected version: 4.2.22640.0 Fixed version: N/A Reported by: Jerzy Kramarz Details: By repeatedly calling node enumeration script, a remote unauthenticated attacker can...