EUVD-2024-41569

Malicious code in bioql PyPI...

CVE-2024-45842

Sharp and Toshiba Tec MFPs improperly process URI data in HTTP PUT requests resulting in a path Traversal vulnerability. Unintended internal files may be retrieved when processing crafted HTTP requests...

CVE-2024-45842

Sharp and Toshiba Tec MFPs improperly process URI data in HTTP PUT requests resulting in a path Traversal vulnerability. Unintended internal files may be retrieved when processing crafted HTTP requests...

CVE-2024-45842

Sharp and Toshiba Tec MFPs improperly process URI data in HTTP PUT requests resulting in a path Traversal vulnerability. Unintended internal files may be retrieved when processing crafted HTTP requests...

Backdoor.Win32.NinjaSpy.c Remote Stack Buffer Overflow

Discovery / credits: malvuln - Malvuln.com c 2021 Original source: https://malvuln.com/advisory/6eece319bc108576bd1f4a8364616264.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.NinjaSpy.c Vulnerability: Remote Stack Buffer Overflow Description: The specimen drop...

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.19 security update

An update is now available for Red Hat JBoss Enterprise Application Platform. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Important: Red Hat Security Advisory: tomcat security update

An update for tomcat is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVE-2017-12617

When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled e.g. via setting the readonly initialisation parameter of the Default servlet to false it was possible to upload a JSP file to the server via a specially crafted...

PT-2017-4238 · Apache +5 · Apache Tomcat +5

Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 7.0.0 through 7.0.81 Apache Tomcat versions 8.0.0.RC1 through 8.0.46 Apache Tomcat versions 8.5.0 through 8.5.22 Apache Tomcat versions 9.0.0.M1 through 9.0.0 Description: The issue is related to the lack of restriction...

Trend Micro SafeSync for Enterprise Authentication Bypass

The Trend Micro SafeSync for Enterprise SSFE application running on the remote host is affected by an authentication bypass vulnerability. An unauthenticated, remote attacker can exploit this, via a series of HTTP PUT requests using specially crafted parameters, to disclose the valid, unexpired...

OracleVM 3.3 : cups (OVMSA-2014-0035)

The remote OracleVM system is missing necessary patches to address critical security updates : - Revert change to whitelist /rss/ resources, as this was not used upstream. - More STR 4461 fixes from upstream: make rss feeds world-readable, but cachedir private. - Fix icon display in web interface...