EUVD-2009-4467

Malware in sbrugna...

The vulnerability of SIMATIC PCS, SIMATIC WinCC Runtime Professional, and SIMATIC WinCC control systems lies in the unauthorized provision of information to unauthorized individuals, allowing intruders to gain unauthorized access to protected information.

The vulnerability of SIMATIC PCS, SIMATIC WinCC Runtime Professional, and SIMATIC WinCC control systems lies in the unauthorized provision of information to unauthorized individuals due to improperly processed requests. Exploiting this vulnerability can allow an intruder to gain unauthorized acce...

Menu Item Extras - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2019-050

This module enables you to handle fields for Custom Menu Links. The module doesn't sufficiently check requests to one of the module controllers if the user has permission 'administer menu'. This vulnerability is mitigated by the fact that an attacker must have a role with the permission to create...

JP1/Integrated Management Service Support Cross-Site Scripting Vulnerability

Overview JP1/Integrated Management Service Support is vulnerable to cross-site scripting due to failure to properly process requests. Impact An attacker could perform cross-site scripting attacks by embedding malicious scripts in a request. Solution Please refer to the 'Vendor Information' sectio...

Rediff Bol 2.0.2 - URL Handling Denial of Service

source: https://www.securityfocus.com/bid/6670/info It has been reported that a problem in Rediff Bol may allow remote users to log other users out of the Bol chat client. Due to improper handling of some types of requests, a remote user could send an URL request to the client in the form of a...

Дырка в AppleShare IP

При неправильном запросе range http сервер возвращает до 32 K лишней информации, которая может содержать сенситивные данные...