112 matches found
PT-2021-22139 · Auvesy · Auvesy Webinstaller
Name of the Vulnerable Software and Affected Versions: Auvesy webinstaller affected versions not specified Description: The issue concerns a Golang web server executable used for generating an Auvesy image agent. It allows for resource consumption by creating a large number of installations that...
Red Hat XML Language Support XML Language Server Cross-Site Scripting Vulnerability
Red Hat XML Language Support vscode-xml is the United States Red Hat Red Hat a support for the creation and editing of XML documents Visual Studio Code extensions. XML Language Server is used in one of the XML language server. A cross-site scripting vulnerability exists in Red Hat XML Language...
CVE-2019-18213
XML Language Server aka lsp4xml before 0.9.1, as used in Red Hat XML Language Support aka vscode-xml before 0.9.1 for Visual Studio and other products, allows XXE via a crafted XML document, with resultant SSRF as well as SMB connection initiation that can lead to NetNTLM challenge/response captu...
CVE-2019-18212
XMLLanguageService.java in XML Language Server aka lsp4xml before 0.9.1, as used in Red Hat XML Language Support aka vscode-xml before 0.9.1 for Visual Studio and other products, allows a remote attacker to write to arbitrary files via Directory Traversal...
CVE-2019-18213
XML Language Server aka lsp4xml before 0.9.1, as used in Red Hat XML Language Support aka vscode-xml before 0.9.1 for Visual Studio and other products, allows XXE via a crafted XML document, with resultant SSRF as well as SMB connection initiation that can lead to NetNTLM challenge/response captu...
Design/Logic Flaw
XML Language Server aka lsp4xml before 0.9.1, as used in Red Hat XML Language Support aka vscode-xml before 0.9.1 for Visual Studio and other products, allows XXE via a crafted XML document, with resultant SSRF as well as SMB connection initiation that can lead to NetNTLM challenge/response captu...
CVE-2019-18213
XML Language Server aka lsp4xml before 0.9.1, as used in Red Hat XML Language Support aka vscode-xml before 0.9.1 for Visual Studio and other products, allows XXE via a crafted XML document, with resultant SSRF as well as SMB connection initiation that can lead to NetNTLM challenge/response captu...
CVE-2019-18213
XML Language Server (lsp4xml) prior to 0.9.1 used in Red Hat XML Language Support (vscode-xml) prior to 0.9.1 is affected. The vulnerability arises in extensions/contentmodel/participants/diagnostics/LSPXMLParserConfiguration.java, where XXE can be triggered by a crafted XML document, leading to ...
CVE-2019-18212
XML Language Service (lsp4xml) in Red Hat XML Language Support (vscode-xml) versions before 0.9.1 is affected by a directory traversal vulnerability that allows a remote attacker to write to arbitrary files via XMLLanguageService.java. The issue is present in the XML Language Server implementatio...
CVE-2019-18212
XMLLanguageService.java in XML Language Server aka lsp4xml before 0.9.1, as used in Red Hat XML Language Support aka vscode-xml before 0.9.1 for Visual Studio and other products, allows a remote attacker to write to arbitrary files via Directory Traversal...
WorldView 6.5/Wnn4 4.2 - Asian Language Server Remote Buffer Overflow
// source: https://www.securityfocus.com/bid/1603/info A remote buffer overflow exists in the Asian language servers portion of a number of different implementations of Wnn. It has been reported that only systems that have WorldView Japanese, Korean, and Chinese installed are vulnerable to this...
SQL Server 2017 RTM Cumulative Update (CU) 14 KB4484710
SQL Server 2017 RTM Cumulative Update CU 14 KB4484710...