EUVD-2016-7673

Malware in sbrugna...

.NET 6.0 bug fix and enhancement update

An update is available for dotnet6.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET Core is a managed-software framework. It implements a subset of the .N...

CVE-2024-38953

phpok 6.4.003 contains a Cross Site Scripting XSS vulnerability in the okf method under the framework/api/uploadcontrol.php file...

CVE-2024-38953

The CVE-2024-38953 entry maps to phpok 6.4.003 with a Cross Site Scripting (XSS) vulnerability in the ok_f() method of framework/api/upload_control.php. Affected component: phpok core, file path framework/api/upload_control.php. Root cause and explicit impact are described as XSS, but the connect...

PT-2024-28292 · Phpok · Phpok

Name of the Vulnerable Software and Affected Versions: phpok version 6.4.003 Description: The issue is related to a Cross Site Scripting XSS vulnerability. It affects the ok f method located in the framework/api/upload control.php file. Recommendations: For phpok version 6.4.003, consider disabli...

Important: Red Hat Security Advisory: .NET 7.0 security update

An update for .NET 7.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

.NET 6.0 bugfix update

An update is available for dotnet6.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET Core is a managed-software framework. It implements a subset of the .N...

XML External Entity (XXE)

nifi-framework-api is vulnerable to XML external entity XXE attack. An attacker is able to submit requests on behalf of the server via an XXE attack as the notification service manager and various policy authorizer and user group provider objects allow trusted administrators to inadvertently...

.NET Core Spoofing Vulnerability (Feb 2019)

ASP.NET Core is prone to a spoofing vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:microsoft:asp.netcore" ;...

Microsoft .NET Framework Multiple Vulnerabilities (KB4483450)

This host is missing an important security update according to Microsoft KB4483450 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

Microsoft .NET Framework Multiple Vulnerabilities (KB4483455)

This host is missing an important security update according to Microsoft KB4483455 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

Security Updates for Microsoft Visual Studio Products (February 2019)

The Microsoft Visual Studio Products are missing a security update. It is, therefore, affected by the following vulnerability : - A remote code execution vulnerability exists in Visual Studio software when the software fails to check the source markup of a file. An attacker who successfully...

CVE-2016-0223

Cross-site scripting XSS vulnerability in the Webform Framework API in IBM Forms Server 4.0.x, 8.0.x, 8.1, and 8.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 110006...

CVE-2016-0223

Cross-site scripting XSS vulnerability in the Webform Framework API in IBM Forms Server 4.0.x, 8.0.x, 8.1, and 8.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 110006...

CVE-2016-0223

Cross-site scripting XSS vulnerability in the Webform Framework API in IBM Forms Server 4.0.x, 8.0.x, 8.1, and 8.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 110006...

CVE-2016-0223

Cross-site scripting XSS vulnerability in the Webform Framework API in IBM Forms Server 4.0.x, 8.0.x, 8.1, and 8.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 110006...

CVE-2016-0223

CVE-2016-0223 affects IBM Forms Server (Webform Framework API) on 4.0., 8.0. , 8.1, 8.2. The vulnerability arises from improper validation of user-supplied input, allowing a remote attacker to execute arbitrary script via a specially crafted URL, i.e., a cross-site scripting (XSS) flaw. Impact in...

CVE-2017-0593

CVE-2017-0593 is an elevation of privilege vulnerability in Android Framework APIs that could allow a local malicious application to obtain access to custom permissions. Affected products/versions identified in the connected documents include Android 6.0, 6.0.1, 7.0, 7.1.1, and 7.1.2 (Android ID:...

CVE-2016-6770

An elevation of privilege vulnerability in the Framework API could enable a local malicious application to access system functions beyond its access level. This issue is rated as Moderate because it is a local bypass of restrictions on a constrained process. Product: Android. Versions: 4.4.4,...

CVE-2016-6770

An elevation of privilege vulnerability in the Framework API could enable a local malicious application to access system functions beyond its access level. This issue is rated as Moderate because it is a local bypass of restrictions on a constrained process. Product: Android. Versions: 4.4.4,...