9786 matches found
CVE-2017-1000148
Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before 16.04.2 are vulnerable to PHP code execution as Mahara would pass portions of the XML through the PHP "unserialize" function when importing a skin from an XML file...
IDEMIA MorphoSmart 1300 Series device certificate import module privilege acquisition vulnerability
IDEMIA formerly Morpho MorphoSmart 1300 Series a.k.a. MSO 1300 Series devices are fingerprint identification devices from IDEMIA formerly Morpho, France. certificate import component is one of the certificate import components. The certificate import component is one of the certificate import...
How to recreate Local Host Cache on Citrix Virtual Apps & Desktops
Citrix ConfigSync Service outputs Event ID 505 errors periodically, "The Citrix Config Sync Service failed an import."...
Monero: Out-of-bounds read when importing corrupt blockchain with monero-blockchain-import
It is possible to trigger an out-of-bounds read in monero-blockchain-import when importing a corrupt blockchain and not verifying blocks and transitions during import --verify 0. Using a corrupt importfile, the attacker has full control over bufferblock in importfromfile blockchainimport.cpp. As...
CVE-2017-15567
The certificate import component in IDEMIA formerly Morpho MorphoSmart 1300 Series aka MSO 1300 Series devices allows local users to obtain a command shell, and consequently gain privileges, via unspecified vectors. NOTE: the vendor disputes this because there is no command shell in the product o...
CVE-2017-15567
The certificate import component in IDEMIA formerly Morpho MorphoSmart 1300 Series aka MSO 1300 Series devices allows local users to obtain a command shell, and consequently gain privileges, via unspecified vectors. NOTE: the vendor disputes this because there is no command shell in the product o...
PT-2017-14099 · Idemia · Idemia Morphosmart 1300 Series
Name of the Vulnerable Software and Affected Versions: IDEMIA MorphoSmart 1300 Series devices affected versions not specified Description: The certificate import component in IDEMIA MorphoSmart 1300 Series devices allows local users to obtain a command shell and gain privileges via unspecified...
[SECURITY] Fedora 25 Update: libwpd-0.10.2-1.fc25
libwpd is a library for import of WordPerfect documents...
CVE-2017-10344
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications subcomponent: Import/Export. Supported versions that are affected are 2.8 and 2.9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2017-10343
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications subcomponent: Import/Export. Supported versions that are affected are 2.8 and 2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2017-10340
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications subcomponent: Import/Export. Supported versions that are affected are 2.8 and 2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
Buffer overflow
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications subcomponent: Import/Export. Supported versions that are affected are 2.8 and 2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2017-10343
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications subcomponent: Import/Export. Supported versions that are affected are 2.8 and 2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2017-10343
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications subcomponent: Import/Export. Supported versions that are affected are 2.8 and 2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2017-10340
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications subcomponent: Import/Export. Supported versions that are affected are 2.8 and 2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
Unspecified Vulnerability in Oracle Hospitality Simphony (CNVD-2017-31506)
Oracle Hospitality Applications is a suite of business applications, servers and storage solutions for hospitality management from Oracle Corporation. Oracle Hospitality Simphony is one of the cloud-based mobile food and beverage sales components of the solution, which provides human resource cos...
Unspecified Vulnerability in Oracle Hospitality Simphony (CNVD-2017-31507)
Oracle Hospitality Applications is a suite of business applications, servers and storage solutions for hospitality management from Oracle Corporation. Oracle Hospitality Simphony is one of the cloud-based mobile food and beverage sales components of the solution, which provides human resource cos...
Unspecified Vulnerability in Oracle Hospitality Simphony (CNVD-2017-31509)
Oracle Hospitality Applications is a suite of business applications, servers and storage solutions for hospitality management from Oracle Corporation. Oracle Hospitality Simphony is one of the cloud-based mobile food and beverage sales components of the solution, which provides human resource cos...
WordPress Import any XML or CSV File to WordPress plugin <=3.4.5 - Cross-Site Scripting (XSS) vulnerability
Cross-Site Scripting XSS vulnerability found in WordPress Import any XML or CSV File to WordPress plugin versions =3.4.5. Solution Update the WordPress Import any XML or CSV File to WordPress plugin to the latest available version at least 3.4.6...
Avito: CSS injection in avito.ru via IE11
Hi Team Security @avito I discovered CSS Injection on avito.ru in form search via IE11 Description CSS injection vulnerabilities arise when an application imports a style sheet from a user-supplied URL, or embeds user input in CSS blocks without adequate escaping. They are closely related to...