PT-2025-31995 · Dell · Dell Kace K1000 System Management Appliance

Name of the Vulnerable Software and Affected Versions: Dell KACE K1000 System Management Appliance versions 5.0 through 5.3 Dell KACE K1000 System Management Appliance versions 5.4 prior to 5.4.76849 Dell KACE K1000 System Management Appliance versions 5.5 prior to 5.5.90547 Description: An...

GHSA-6XWF-7RFM-4GWC TYPO3 Cross-Site Scripting in Filelist Module

It has been discovered that the output table listing in the “Files” backend module is vulnerable to cross-site scripting when a file extension contains malicious sequences. Access to the file system of the server - either directly or through synchronization - is required to exploit the...

PT-2024-40142 · Packagist · Typo3/Cms-Core

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: A cross-site scripting issue has been found in the output table listing of the "Files" backend module. This occurs when a file extension contains malicious sequences. To exploit thi...

glibc: data corruption while reading the NSS files database

It was discovered that the nssfiles backend for the Name Service Switch in glibc would return incorrect data to applications or corrupt the heap depending on adjacent heap contents. A local attacker could potentially use this flaw to execute arbitrary code on the system...

glibc: Unexpected closing of nss_files databases after lookups causes denial of service

It was found that the files back end of Name Service Switch NSS did not isolate iteration over an entire database from key-based look-up API calls. An application performing look-ups on a database while iterating over it could enter an infinite loop, leading to a denial of service...