4 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-1335
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - From Apache Tika versions 1.7 to 1.17, clients could send carefully crafted headers to tika-server that could be used to inject commands into the command line o...
The vulnerability of the Apex One antivirus software is caused by deficiencies in the authentication process, which allows a hacker to download arbitrary files into the SampleSubmission directory.
The vulnerability of the anti-virus software Apex One is due to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to download arbitrary files into the SampleSubmission directory by using the Content-Length header in the HTTP PUT request sent to the...
PT-2019-12514 · Synology · Synology Calendar
Name of the Vulnerable Software and Affected Versions: Synology Calendar versions prior to 2.3.1-0617. Description: The issue allows remote attackers to execute arbitrary commands via a crafted 'X-Real-IP' header. This is related to an OS command injection vulnerability in the drivers syno import...
PYSEC-2014-6
The contrib.auth.middleware.RemoteUserMiddleware middleware in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3, when using the contrib.auth.backends.RemoteUserBackend backend, allows remote authenticated users to hijack web sessions via vectors...