5 matches found
CVE-2025-48065 Combodo iTop vulnerable to reflected XSS via objection edition form error
Combodo iTop is a web based IT service management tool. Versions prior to 2.7.13 and 3.2.2 are vulnerable to cross-site scripting when a field with an error contains malicious content. Versions 2.7.13 and 3.2.2 protect rendered HTML content...
PT-2025-40361
Name of the Vulnerable Software and Affected Versions AndSoft's e-TMS version 25.03 Description An operating system command injection issue exists that allows an attacker to execute operating system commands on the server. This is achieved by sending a POST request to the /CLT/LOGINERRORFRM.ASP...
GHSA-5FM9-H728-FWPJ trust-dns vulnerable to Remote Attackers causing Denial-of-Service (packet loops) with crafted DNS packets
trust-dns and trust-dns-server are vulnerable to remotely triggered denial-of-service attacks, consuming both network and CPU resources. DNS messages with the QR=1 bit set are responded to with a FormErr response. This allows creating a traffic loop, in which these FormErr responses are sent...
RUSTSEC-2023-0041 Remote Attackers can cause Denial-of-Service (packet loops) with crafted DNS packets
trust-dns and trust-dns-server are vulnerable to remotely triggered denial-of-service attacks, consuming both network and CPU resources. DNS messages with the QR=1 bit set are responded to with a FormErr response. This allows creating a traffic loop, in which these FormErr responses are sent...
Description of the security update for Outlook 2016: January 8, 2019
None None...