15 matches found
The vulnerability of messaging and video conferencing tools arises from improper restriction of a pathname to a restricted directory, allowing attackers to disclose protected information.
The vulnerability of the messaging and video conferencing tool is related to improper restriction of a pathname to a restricted directory. Exploiting this vulnerability can allow a malicious actor to disclose protected information...
CVE-2023-30510
A vulnerability exists in the Aruba EdgeConnect Enterprise web management interface that allows remote authenticated users to issue arbitrary URL requests from the Aruba EdgeConnect Enterprise instance. The impact of this vulnerability is limited to a subset of URLs which can result in the possib...
HackerOne: SQL Injection in CVE Discovery Search
Unsanitized user-controlled inputs in the CVE Discovery Search allowed for SQL injection, which could lead to the disclosure of data in the Analytics Database, including report, team, and asset data...
XXE
Improper Restriction of XML External Entity Reference vulnerability in Mitsubishi Electric Air Conditioning System/Centralized Controllers G-50A Ver.3.35 and prior, GB-50A Ver.3.35 and prior, GB-24A Ver.9.11 and prior, AG-150A-A Ver.3.20 and prior, AG-150A-J Ver.3.20 and prior, GB-50ADA-A Ver.3.2...
The vulnerability of the Windows Graphics component of the Windows operating system allows attackers to disclose protected information.
The vulnerability of the Windows Graphics component of the Windows operating system is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to disclose sensitive information through a specially created file...
The vulnerability of the System Management Mode (SMM) component of Intel microprogramming systems, related to access control deficiencies, allows attackers to disclose protected information.
The vulnerability of the System Management Mode (SMM) component of Intel microprocessors is related to access control deficiencies. Exploiting this vulnerability can allow attackers to disclose protected information...
CVE-2018-1000837
UML Designer version = 8.0.0 contains an XML External Entity (XXE) vulnerability in XML parser for plugins that can result in disclosure of confidential data, denial of service, SSRF, port scanning. This attack appears to be exploitable via a malicious plugins.xml file...
CVE-2018-1000834
runelite version = runelite-parent-1.4.23 contains an XML External Entity (XXE) vulnerability in Man in the middle RuneScape services call that can result in disclosure of confidential data, denial of service, SSRF, port scanning...
XXE
K9Mail version = v5.600 contains an XML External Entity (XXE) vulnerability in WebDAV response parser that can result in disclosure of confidential data, denial of service, SSRF, port scanning. This attack appears to be exploitable via a malicious WebDAV server or intercept the response of a valid WebDA...
CVE-2018-1000832
ZoneMinder version = 1.32.2 contains an Other/Unknown vulnerability in User-controlled parameter that can result in disclosure of confidential data, denial of service, SSRF, remote code execution...
IBM Informix Dynamic Server 9.40/Informix Extended Parallel Server 8.40 Multiple Vulnerabilities (1)
No description provided by source. source: http://www.securityfocus.com/bid/9512/info IBM Informix Dynamic Server and IBM Informix Extended Parallel Server have been reported prone to multiple vulnerabilities. The first issue exists in the onedcu binary. Specifically, when the binary is invoked a...
CVE-2010-1409
Incomplete blacklist vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to trigger disclosure of data over IRC via vectors involving an IRC service port...
CVE-2010-1409
Removed by vendor...
RHEL 2.1 : python (RHSA-2007:1077)
Updated python packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Python is an interpreted, interactive, object-oriented programming language. An integer...
FusionBB 0.x - Multiple Input Validation Vulnerabilities
FusionBB 0.x - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/13939/info FusionBB is affected by multiple vulnerabilities. These issues arise due to a failure of the application to properly sanitize user-supplied input. The following specific vulnerabilities...