17 matches found
EUVD-1999-1276
Malware in sbrugna...
CVE-2023-37597
Cross Site Request Forgery CSRF vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via the delete user grouplist function...
SUSE CVE-2015-1827
The getusergrouplist function in the extdom plug-in in FreeIPA before 4.1.4 does not properly reallocate memory when processing user accounts, which allows remote attackers to cause a denial of service crash via a group list request for a user that belongs to a large number of groups...
CVE-2023-37597
Cross Site Request Forgery CSRF vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via the delete user grouplist function...
CVE-2023-37597
Cross Site Request Forgery CSRF vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via the delete user grouplist function...
CVE-2023-37597
Cross Site Request Forgery CSRF vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via the delete user grouplist function...
CVE-2023-37597
Cross Site Request Forgery CSRF vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via the delete user grouplist function...
PT-2023-26034 · Unknown · Issabel-Pbx
Name of the Vulnerable Software and Affected Versions: issabel-pbx version 4.0.0-6 Description: A Cross Site Request Forgery CSRF issue allows a remote attacker to cause a denial of service via the delete user grouplist function. This can lead to unintended actions being performed without the...
CVE-2023-37597
Cross Site Request Forgery CSRF vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via the delete user grouplist function...
(0Day) Wecon LeviStudioU usermanage GroupList Description Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wecon LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling o...
(0Day) Wecon LeviStudioU usermanage GroupList ID Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wecon LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling o...
(0Day) Wecon LeviStudioU usermanage GroupList Name Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wecon LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling o...
某教育门户CMS存在五处SQL注入
简要描述: RT 详细说明: 释锐是全国领先的智慧教育解决方案供应商。致力于通过技术创新为中小学、职校、高校和教育行政管理机构提供有竞争力的智慧教育解决方案和服务,持续提升客户体验,为客户创造最大价值。目前,释锐的产品和解决方案已经应用于 25 个省市,服务全国 3000 多所学校。 注入点:index.jsp?groupId=,labelGroup.jsp?labelName=, searchInfo.jsp?orderBy=, groupList.jsp?orderBy=,ta.jsp?tpId=&uuid= 案例: 注入点1:...
Red Hat FreeIPA extdom plugin denial of service vulnerability
Red Hat FreeIPA is an integrated security information management solution from Red Hat that provides an easy-to-manage identity, policy and audit IPA suite for Linux and Unix computer networks. extdom is a directory server plug-in. A security vulnerability in the 'getusergrouplist' function in...
ipa: memory corruption when using get_user_grouplist()
It was discovered that the IPA extdom Directory Server plug-in did not correctly perform memory reallocation when handling user account information. A request for a list of groups for a user that belongs to a large number of groups would cause a Directory Server to crash...
PT-2015-5460 · Red Hat +1 · Freeipa +2
Name of the Vulnerable Software and Affected Versions: FreeIPA versions prior to 4.1.4 Description: The issue is related to the get user grouplist function in the extdom plug-in, which does not properly reallocate memory when processing user accounts. This allows remote attackers to cause a denia...
CVE-1999-1295
CVE-1999-1295 affects Transarc DCE Distributed File System (DFS) 1.1 on Solaris 2.4/2.5. The grouplist is not properly initialized for users in large groups, potentially allowing them to access resources protected by DFS. Vulnerability details indicate partial impact to confidentiality, integrity...