EUVD-2014-0056

Malware in sbrugna...

EUVD-2015-7243

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2015-7317

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Kupu 3.3.0 through 3.3.6, 4.0.0 through 4.0.10, 4.1.0 through 4.1.6, and 4.2.0 through 4.2.7 allows remote authenticated users to edit Kupu settings...

Plone DoS via Crafted URL

kupuspellcheck.py in Kupu in Plone before 4.0 allows remote attackers to cause a denial of service ZServer thread lock via a crafted URL...

GHSA-GX6W-HCW3-5R37 Plone DoS via Crafted URL

kupuspellcheck.py in Kupu in Plone before 4.0 allows remote attackers to cause a denial of service ZServer thread lock via a crafted URL...

Kupu Privilege Access Control Vulnerability

Kupu is an open source text editor. A security vulnerability exists in Kupu. A remote attacker can exploit this vulnerability to edit Kupu settings...

Code injection

Kupu 3.3.0 through 3.3.6, 4.0.0 through 4.0.10, 4.1.0 through 4.1.6, and 4.2.0 through 4.2.7 allows remote authenticated users to edit Kupu settings...

CVE-2015-7317

Kupu 3.3.0 through 3.3.6, 4.0.0 through 4.0.10, 4.1.0 through 4.1.6, and 4.2.0 through 4.2.7 allows remote authenticated users to edit Kupu settings...

CVE-2015-7317

CVE-2015-7317 affects Kupu editor versions 3.3.0–3.3.6, 4.0.0–4.0.10, 4.1.0–4.1.6, and 4.2.0–4.2.7. The vulnerability allows remote authenticated users to edit Kupu settings. The provided sources (NVD entry and related Nessus/ CNVD records) confirm the affected ranges and the permission context b...

CVE-2015-7317

Kupu 3.3.0 through 3.3.6, 4.0.0 through 4.0.10, 4.1.0 through 4.1.6, and 4.2.0 through 4.2.7 allows remote authenticated users to edit Kupu settings...

CVE-2012-5496

kupuspellcheck.py in Kupu in Plone before 4.0 allows remote attackers to cause a denial of service ZServer thread lock via a crafted URL...

Design/Logic Flaw

kupuspellcheck.py in Kupu in Plone before 4.0 allows remote attackers to cause a denial of service ZServer thread lock via a crafted URL...

PYSEC-2014-38

kupuspellcheck.py in Kupu in Plone before 4.0 allows remote attackers to cause a denial of service ZServer thread lock via a crafted URL...

PYSEC-2014-38

kupuspellcheck.py in Kupu in Plone before 4.0 allows remote attackers to cause a denial of service ZServer thread lock via a crafted URL...

CVE-2012-5496

kupuspellcheck.py in Kupu in Plone before 4.0 allows remote attackers to cause a denial of service ZServer thread lock via a crafted URL...

CVE-2012-5496

CVE-2012-5496 affects kupu_spellcheck.py in Kupu for Plone before 4.0, where a crafted URL can trigger a denial-of-service by locking the ZServer thread. Descriptions across connected advisories confirm the DoS via crafted URL vulnerability; no exploitation details or affected versions beyond “Pl...