8696 matches found
CVE-2018-14247
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
U.S. Dept Of Defense: ████ █████ exposes highly sensitive information to public
Summary: www.██████ is a system used by ██████ for vendors to upload details of their technology for review by ███. Due to an insecure direct object reference vulnerability, all vendor uploads are accessible to the public, without authentication. This includes Unclass//FOUO documents, documents...
DEBIAN-CVE-2017-15118
A stack-based buffer overflow vulnerability was found in NBD server implementation in qemu before 2.11 allowing a client to request an export name of size up to 4096 bytes, which in fact should be limited to 256 bytes, causing an out-of-bounds stack write in the qemu process. If NBD server requir...
CVE-2017-15118
A stack-based buffer overflow vulnerability was found in NBD server implementation in qemu before 2.11 allowing a client to request an export name of size up to 4096 bytes, which in fact should be limited to 256 bytes, causing an out-of-bounds stack write in the qemu process. If NBD server requir...
FF Password Exporter - Easily Export Your Passwords From Firefox
It can be difficult to export your passwords from Firefox. Since version 57 of Firefox Quantum existing password export addons no longer work. Mozilla provides no other official alternatives. FF Password Exporter makes it quick and easy to export all of your passwords from Firefox. You can use FF...
CVE-2018-2978
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications subcomponent: Import/Export. Supported versions that are affected are 2.8, 2.9 and 2.10. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracl...
CVE-2018-2978
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications subcomponent: Import/Export. Supported versions that are affected are 2.8, 2.9 and 2.10. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracl...
June 21, 2018—KB4284863 (Preview of Monthly Rollup)
June 21, 2018—KB4284863 Preview of Monthly Rollup Improvements and fixes This nonsecurity update includes improvements and fixes that were a part of KB 4284815 released June 12, 2018 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Updates the...
CVE-2018-10889
CVE-2018-10889 affects Moodle prior to 3.5.1, 3.4.4, or 3.3.7. The flaw allows privacy exposure due to logs in data privacy exports that cannot be omitted. Remediation: upgrade to Moodle 3.5.1 or later (3.5 line), 3.4.4 or later (3.4 line), or 3.3.7 or later (3.3 line).
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Rational ClearCase (CVE-2015-0138)
Summary The “FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability affects IBM WebSphere Application Server Versions 6.1, 7, 8, 8.5, and 8.5.5 that are used by IBM Rational ClearCase. Vulnerability Details Please consult the Security Bulletin: Vulnerability with RSA...
Ninja Forms < 3.3.9 - Insufficient Restrictions during Export Personal Data requests
The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress WordPress plugin was affected by an Insufficient Restrictions during Export Personal Data requests security vulnerability...
CVE-2018-7765
The vulnerability exists within processing of trackimportexport.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the objectid input parameter...
SAP BASIS Report for Terminology Export System Command Injection Vulnerability
SAP BASIS is a role engaged in sap system administration. Mainly responsible for sap system planning, installation, configuration, management, monitoring, maintenance, tuning, etc.. A command injection vulnerability exists in the SAP BASIS Report for Terminology Export system, which can be...
The vulnerability of the components ExportSettings.sh, updateWPS, RebootSystem, and vpnBasicSettings of the Intelbras NCLOUD 300 Wi-Fi router’s microprogramming system allows a hacker to gain access to the device with administrator privileges.
The vulnerabilities of the components ExportSettings.sh /cgi-bin/ExportSettings.sh, updateWPS /goform/updateWPS, RebootSystem /goform/RebootSystem, and vpnBasicSettings /goform/vpnBasicSettings of the Intelbras NCLOUD 300 Wi-Fi router software are related to the use of pre-installed registration...
Design/Logic Flaw
A exposure of sensitive information vulnerability exists in Jenkins Configuration as Code Plugin 0.7-alpha and earlier in ConfigurationAsCode.java that allows attackers with Overall/Read access to obtain the YAML export of the Jenkins configuration...
CVE-2018-1000609
A exposure of sensitive information vulnerability exists in Jenkins Configuration as Code Plugin 0.7-alpha and earlier in ConfigurationAsCode.java that allows attackers with Overall/Read access to obtain the YAML export of the Jenkins configuration...
WordPress Advanced Order Export For #WooCommerce CSV Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Wordpress Plugin Advanced Order Export For WooCommerce 1.5.4 - CSV Injection Exploit Author: Bhushan B. Patil Software Link: https://wordpress.org/plugins/woo-order-export-lite/ Affected Version: 1.5.4 and before Category: Plugi...
CVE-2018-11589
Multiple SQL injection vulnerabilities in Centreon 3.4.6 including Centreon Web 2.8.23 allow attacks via the searchU parameter in viewLogs.php, the id parameter in GetXmlHost.php, the chartId parameter in ExportCSVServiceData.php, the searchCurve parameter in listComponentTemplates.php, or the...
Wordpress Comments Import & Export Plugin < 2.0.4 - CSV Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Wordpress Plugin Comments Import & Export 2.0.4 - CSV Injection Exploit Author: Bhushan B. Patil Software Link: https://wordpress.org/plugins/comments-import-export-woocommerce/ Affected Version: 2.0.4 and before Category: Plugi...
WordPress Plugin Comments Import Export 2.0.4 - CSV Injection
WordPress Plugin Comments Import Export 2.0.4 - CSV Injection Exploit Title: Wordpress Plugin Comments Import & Export 2.0.4 - CSV Injection Google Dork: N/A Date: 2018-06-24 Exploit Author: Bhushan B. Patil Software Link: https://wordpress.org/plugins/comments-import-export-woocommerce/ Affected...