17 matches found
CLSA-2025-1760543414 open-vm-tools: Fix of CVE-2025-41244
CVE-2025-41244: fix local privilege escalation in the SDMP plugin by disabling execution of the get-versions.sh script disabled by default...
USN-7785-1 open-vm-tools vulnerability
It was discovered that Open VM Tools incorrectly handled permissions with version checking. An attacker could possibly use this issue to escalate privileges inside a virtual machine. This update disables the SDMP get-versions.sh script, so version information may no longer be made available...
CLSA-2025-1747253770 libreoffice: Fix of CVE-2023-1183
CVE-2023-1183: disable script command file dump to prevent arbitrary writes...
PT-2024-39349 · Liferay · Liferay Dxp +1
Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 6.2 GA through fix pack 173; Liferay Portal versions 7.0 GA through fix pack 102; Liferay Portal versions 7.0.0 through 7.4.3.101; Liferay DXP versions 7.1 GA through fix pack 28; Liferay DXP versions 7.2 GA through fix pa...
PT-2024-7359 · Cfx.Re · Cfx.Re Fxserver
Name of the Vulnerable Software and Affected Versions: Cfx.re FXServer versions v9601 and earlier; wpDiscuz affected versions not specified. Description: The issue is related to incorrect access control and the failure to neutralize script-related HTML tags on a web page. This can allow a remote...
PT-2024-9318 · NetGear · Netgear R7000
Name of the Vulnerable Software and Affected Versions: Netgear R7000 version 1.0.11.136. Description: The issue is related to a Command Injection vulnerability in the RMT invite.cgi script, specifically via the device name2 parameter. This vulnerability can be exploited by a remote attacker to...
PT-2022-22004 · I3Geo · I3Geo
Name of the Vulnerable Software and Affected Versions: Portal do Software Publico Brasileiro i3geo version 7.0.5. Description: The issue is related to a cross-site scripting (XSS) vulnerability. This vulnerability was discovered via the request token.php file, which suggests it may be related to the...
PT-2020-2477 · Microsoft · Sharepoint Server +1
Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server affected versions not specified; Microsoft SharePoint Foundation affected versions not specified; Microsoft SharePoint Enterprise Server affected versions not specified. Description: The issue is related to a cross-si...
PT-2020-7359
Name of the Vulnerable Software and Affected Versions: D-Link IP Cameras DCS-3411/3430 version 1.02; D-Link IP Cameras DCS-5605/5635 version 1.01; D-Link IP Cameras DCS-1100L/1130L version 1.04; D-Link IP Cameras DCS-1100/1130 version 1.03; D-Link IP Cameras DCS-1100/1130 version 1.04 US; D-Link IP...
Microsoft Internet Explorer and Edge CVE-2019-0608 Spoofing Vulnerability
Description: Microsoft Internet Explorer and Edge are prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected...
Microsoft SharePoint CVE-2019-1259 Spoofing Vulnerability
Description: Microsoft SharePoint is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected: Microsoft SharePoint...
Bashter - Web Crawler, Scanner, And Analyzer Framework
Bashter is a tool for scanning web-based applications. Bashter is well suited to bug bounty work or penetration testing. It is designed like a framework, so you can easily add a script to detect a vulnerability. For example, you can add a script like this:...
Microsoft Internet Explorer 'OLEAuto32.dll' CVE-2011-1995 Memory Corruption Vulnerability
Description: Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions. Technologies Affected: Avaya Aur...
PT-2011-4029 · Apache +1 · Mod Authnz External +2
Name of the Vulnerable Software and Affected Versions: mod authnz external module versions 3.2.5 and earlier. Description: The issue allows remote attackers to execute arbitrary SQL commands via the user field. This is related to a SQL injection vulnerability in the mysql/mysql-auth.pl script. The...
Microsoft Internet Explorer Erroneous IOleClientSite Data Zone Bypass Vulnerability
Description: Microsoft Internet Explorer is prone to a zone-bypass vulnerability because the browser returns erroneous IOleClientSite when dynamically creating an embedded object. This could cause malicious script code to be executed in a security zone with fewer restrictions than the zone that th...
Microsoft Internet Explorer XML Object Zone Restriction Bypass Vulnerability
Description: Microsoft has announced that a vulnerability exists in Internet Explorer when handling malicious XML objects. The problem is said to occur due to Internet Explorer failing to validate a supplied path when binding local data to the XML document. As a result, a malicious HTML containing...
Vulnerability in Viralator proxy extension
Hi! Date: October 2001 Product: Viralator http://viralator.loddington.com/ Viralator is a perl-script to be used with the squid proxy, an apache webserver and some virus scanner software. Its purpose is to allow scanning of files downloaded through the proxy for viruses. The product has been list...