22 matches found
Rapid7 Nexpose Security Vulnerability
Rapid7 Nexpose is a vulnerability management software developed by Rapid7 Corporation in the United States. It utilizes scan results to deeply detect vulnerabilities in networks. This software supports scanning of configurations, errors, vulnerabilities, and malware. Rapid7 Nexpose versions 6.4.5...
CVE-2025-50063
Vulnerability in Oracle Java SE component: Install. The supported version that is affected is Oracle Java SE: 8u451. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE executes to compromise Oracle Java SE. Successful attacks...
CVE-2024-5722
creationtimestamp | type | source
---|---|---
2024-08-13 07:31:39+00:00 | published-proof-of-concept | https://t.me/Kelvinseccommunity/730
2024-08-13 07:31:57+00:00 | published-proof-of-concept | https://t.me/HackerArsenal/160
2024-08-18 06:23:26+00:00 | published-proof-of-concept | ...
PT-2024-10741 · Unknown · Mpedraza2020 Intranet Del Monterroso
Name of the Vulnerable Software and Affected Versions: mpedraza2020 Intranet del Monterroso versions up to 4.50.0. Description: A critical issue was found in the file config/cargos.php, where the manipulation of the dni_profe argument leads to SQL injection. The estimated number of potentially...
NextBX QWAlerter Code Issue Vulnerability
NextBX QWAlerter is an application from NextBX Corporation. A code issue vulnerability exists in NextBX QWAlerter version 4.50, which stems from the presence of some unknown functions in QWAlerter.exe that result in unquoted search paths...
IBM Informix JDBC Driver Code Injection Vulnerability
IBM Informix JDBC Driver is a driver from International Business Machines (IBM). A security vulnerability exists in IBM Informix JDBC Driver versions 4.10 and 4.50 that stems from vulnerability to remote code execution attacks via JNDI injection...
Dell VxRail Operating System Command Injection Vulnerability
Dell VxRail is Dell's single HCI platform for every VMware workload and use case, including VDI, compute-intensive applications, and for hosting legacy and modern applications on a true hybrid cloud infrastructure. An operating system command injection vulnerability exists in Dell VxRail versions...
Zyxel USG FLEX Command Injection Vulnerability
Zyxel USG FLEX is a firewall from China Hopkins Zyxel. Offering flexible VPN options IPsec, SSL or L2TP, it provides flexible and secure remote access for remote work and management. A security vulnerability exists in the Zyxel USG FLEX Series 4.50 to 5.35 firmware versions, and the VPN Series 4....
SUSE CVE-2017-15745
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at CADIMAGE+0x000000000002ca2e."...
SUSE CVE-2017-15765
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at...
SUSE CVE-2022-26377
Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server 2.4 version 2.4.53 and prior versions...
CVE-2022-45041
creationtimestamp | type | source
---|---|---
2022-12-20 00:10:41+00:00 | seen | https://t.me/cibsecurity/54929...
OPENSUSE-SU-2022:0091-1 Security update for apache2
This update for apache2 fixes the following issues: Apache2 was updated to the current stable version 2.4.51 (jsc#SLE-22733, jsc#SLE-22849). It fixes all CVEs and selected bugs represented by patches found between 2.4.23 and 2.4.51. See https://downloads.apache.org/httpd/CHANGES_2.4 for a complete chang...
CVE-2020-24571
NexusQA NexusDB before 4.50.23 allows the reading of files via ../ directory traversal...
ZyXEL Zyxel XGS2210-52HP Cross-Site Scripting Vulnerability
ZyXEL Zyxel XGS2210-52HP is a managed switch from ZyXEL Taiwan, China. A cross-site scripting vulnerability exists in the ZyXEL Zyxel XGS2210-52HP using firmware version 4.50. The vulnerability stems from a lack of proper validation of client data by the WEB application. An attacker can exploit t...
CVE-2019-17253
IrfanView 4.53 allows a User Mode Write AV starting at JPEGLS+0x000000000000a6b8...
CVE-2019-17241
IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x000000000000d563...
IrfanView Buffer Overflow Vulnerability (CNVD-2017-32310)
IrfanView is an image viewer developed by Irfan Skiljan, a software developer from Bosnia and Herzegovina, which supports image browsing, image editing, image format conversion and more. A buffer overflow vulnerability exists in IrfanView version 4.50 64-bit. The vulnerability can be exploited by...
IrfanView BabaCAD4Image plugin buffer overflow vulnerability (CNVD-2017-32369)
IrfanView is an image viewer developed by Irfan Skiljan, a software developer from Bosnia and Herzegovina, which supports image browsing, image editing, image format conversion, etc. BabaCAD4Image plugin is one of the plugins for reading DXF and DWG CAD files. A buffer overflow vulnerability exis...
IrfanView buffer overflow vulnerability (CNVD-2017-14207)
IrfanView is an image viewer that supports image browsing, image editing, image format conversion and more. A buffer overflow vulnerability exists in the TOOLS plugin version 4.50 used in IrfanView version 4.44 32-bit. An attacker can exploit this vulnerability with the help of specially crafted...