203 matches found

OSV
added 2019/06/24 4:15 p.m. | 2 views

CVE-2019-12940

LiveZilla Server before 8.0.1.1 is vulnerable to Denial Of Service memory consumption in knowledgebase.php via a large integer value of the depth parameter...

5.9 CVSS | 6.5 AI score
Exploits 0 | References 1

Qualys Blog
added 2018/11/26 6:10 p.m. | 97 views

Qualys Cloud Platform 2.35 New Features

This release of the Qualys Cloud Platform version 2.35 includes updates and new features for AssetView, Cloud Agent, Security Assessment Questionnaire, and Web Application Scanning, highlights as follows. Note: this post has been edited after publishing to remove the Rule-Based Method to...

Exploits 0

RedhatCVE
added 2018/03/03 5:20 a.m. | 32 views

CVE-2018-1000115

It was discovered that the memcached connections using UDP transport protocol can be abused for efficient traffic amplification distributed denial of service DDoS attacks. A remote attacker could send a malicious UDP request using a spoofed source IP address of a target system to memcached, causi...

7.5 CVSS | 0.7 AI score | 0.86753 EPSS
Exploits 3 | References 1

OSV
added 2018/01/18 2:29 p.m. | 1 views

CVE-2017-15869

Cross-site scripting XSS vulnerability in knowledgebase.php in LiveZilla before 7.0.8.9 allows remote attackers to inject arbitrary web script or HTML via the search-for parameter...

6.1 CVSS | 5.9 AI score | 0.00388 EPSS
Exploits 2 | References 3

NVD
added 2018/01/18 2:29 p.m. | 10 views

CVE-2017-15869

Cross-site scripting XSS vulnerability in knowledgebase.php in LiveZilla before 7.0.8.9 allows remote attackers to inject arbitrary web script or HTML via the search-for parameter...

6.1 CVSS | 6.1 AI score | 0.00388 EPSS
Exploits 2 | References 3

Cvelist
added 2018/01/18 2:0 p.m. | 12 views

CVE-2017-15869

Cross-site scripting XSS vulnerability in knowledgebase.php in LiveZilla before 7.0.8.9 allows remote attackers to inject arbitrary web script or HTML via the search-for parameter...

6.1 AI score | 0.00388 EPSS
Exploits 2 | References 3

CNVD
added 2018/01/18 12:0 a.m. | 2 views

LiveZilla knowledgebase.php file cross-site scripting vulnerability

LiveZilla is a free online customer service system from the German company LiveZilla. The system provides real-time monitoring of visitors, offline messages, GeoTracking map tracking, access statistics, online chat and other features. A cross-site scripting vulnerability exists in the...

6.1 CVSS | 5.9 AI score | 0.00388 EPSS
Exploits 2 | References 1

OpenVAS
added 2017/07/12 12:0 a.m. | 63 views

RedHat Update for httpd RHSA-2017:1721-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS | 7.4 AI score | 0.0978 EPSS
Exploits 0 | References 2

RedHat Linux
added 2017/04/26 10:18 a.m. | 69 views

Moderate: Red Hat Security Advisory: python27 security, bug fix, and enhancement update

Updated python27 packages are now available as a part of Red Hat Software Collections 2.4 for Red Hat Enterprise Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

5.8 CVSS | 6.6 AI score | 0.02758 EPSS
Exploits 1 | References 13

ICS
added 2017/02/16 12:0 a.m. | 36 views

Rockwell Automation FactoryTalk Activation

CVSS v3 8.8 REPOSTED INFORMATION This advisory was originally posted to the NCCIC Portal on February 16, 2017, and is being released to the ICS-CERT web site. AFFECTED PRODUCTS The following versions of FactoryTalk Activation, a component of FactoryTalk Services Platform, are affected: FactoryTal...

7.8 CVSS | 8 AI score | 0.00054 EPSS
Exploits 0 | References 3

Tenable Nessus
added 2016/11/10 12:0 a.m. | 81 views

RHEL 7 : kernel (RHSA-2016:2695)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2016:2695 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: It was found that the Linux kernel's IPv6...

7.3 CVSS | 6 AI score | 0.00034 EPSS
Exploits 0 | References 5

ICS
added 2016/09/02 6:0 a.m. | 43 views

Emerson DeltaV Easy Security Management Application Vulnerability

OVERVIEW Emerson has released a publication to inform its users of a vulnerability that affects DeltaV Easy Security Management. Emerson is terminating support for the DeltaV Easy Security Management application and highly recommends all users uninstall it from all DeltaV and non-DeltaV...

6.8 CVSS | 7 AI score | 0.00206 EPSS
Exploits 0 | References 10

Openbugbounty
added 2015/11/30 8:56 a.m. | 9 views

knowledgebase.trendify.io vulnerability

Vulnerable URL: http://knowledgebase.trendify.io/out?url=https://www.xssposed.org Details: Description| Value ---|--- Patched:| Yes, at 21.12.2015 Latest check for patch:| 21.12.2015 16:07 GMT Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated Google Pagerank| 0 VIP...

6.9 AI score
Exploits 0

CNVD
added 2015/01/04 12:0 a.m. | 1 views

Multiple Cross-Site Scripting Vulnerabilities in Owl Intranet Knowledgebase

Owl Intranet Knowledgebase is a multi-user document management system. Multiple cross-site scripting vulnerabilities in Owl Intranet Knowledgebase 1.10 allow remote attackers to inject arbitrary web script or HTML via authentication by leveraging searches in the title field of browse.php or to...

3.5 CVSS | 6.3 AI score | 0.00159 EPSS
Exploits 1 | References 1

NVD
added 2014/12/26 11:59 p.m. | 6 views

CVE-2013-4754

Multiple cross-site scripting XSS vulnerabilities in Owl Intranet Knowledgebase 1.10 allow remote authenticated users to inject arbitrary web script or HTML via 1 the Search field to browse.php or 2 the Title field to prefs.php...

3.5 CVSS | 5.4 AI score | 0.00159 EPSS
Exploits 1 | References 1

Cvelist
added 2014/12/26 11:0 p.m. | 11 views

CVE-2013-4754

Multiple cross-site scripting XSS vulnerabilities in Owl Intranet Knowledgebase 1.10 allow remote authenticated users to inject arbitrary web script or HTML via 1 the Search field to browse.php or 2 the Title field to prefs.php...

5.4 AI score | 0.00159 EPSS
Exploits 1 | References 1

CVE
added 2014/12/26 11:0 p.m. | 39 views

CVE-2013-4754

CVE-2013-4754 affects Owl Intranet Knowledgebase 1.10. The vulnerability is multiple cross-site scripting (XSS) flaws that allow remote authenticated users to inject arbitrary web script or HTML via (1) the Search field to browse.php and (2) the Title field to prefs.php. Root cause: unsanitized u...

3.5 CVSS | 5.5 AI score | 0.00159 EPSS
Exploits 1 | References 1 | Affected Software 1

Tenable Nessus
added 2014/11/08 12:0 a.m. | 28 views

RHEL 6 : rhevm 3.1.2 (RHSA-2013:0211)

Updated rhevm packages that fix two security issues and various bugs are now available. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for each...

4 CVSS | 5.7 AI score | 0.00572 EPSS
Exploits 0 | References 7

Mageia
added 2014/10/23 1:27 p.m. | 58 views

Updated openssl packages fix security vulnerabilities

This update adds support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol...

7.1 CVSS | 5.2 AI score | 0.93538 EPSS
Exploits 5 | References 3

RedHat Linux
added 2014/09/03 6:15 p.m. | 44 views

Important: Red Hat Security Advisory: httpcomponents-client security update

Updated httpcomponents-client packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...

5.8 CVSS | 6.6 AI score | 0.01368 EPSS
Exploits 1 | References 3