19 matches found
EUVD-2020-25291
Malware in sbrugna...
EUVD-2021-23988
Malware in sbrugna...
CVE-2021-37423
Zoho ManageEngine ADSelfService Plus 6111 and prior is vulnerable to linked applications takeover...
USN-6137-1 libraw vulnerabilities
It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, resulting in a denial of service, or possibly execute arbitrary code...
libXpm: Infinite loop on unclosed comments
A flaw was found in libXpm. This issue occurs when parsing a file with a comment not closed; the end-of-file condition will not be detected, leading to an infinite loop and resulting in a Denial of Service in the application linked to the library...
ZOHO ManageEngine ADSelfService Plus has an unspecified vulnerability
ZOHO ManageEngine ADSelfService Plus is ZOHO's integrated self-service password management and single sign-on solution for Active Directory and cloud applications. versions have a security vulnerability that stems from the vulnerability of the system to takeover by linked applications. Detailed...
CVE-2021-37423
Zoho ManageEngine ADSelfService Plus 6111 and prior is vulnerable to linked applications takeover...
Code injection
Zoho ManageEngine ADSelfService Plus 6111 and prior is vulnerable to linked applications takeover...
CVE-2021-37423
Technical details are not publicly available in the provided documents for CVE-2021-37423; specifics on affected versions, root cause, or mitigations are not disclosed here. Monitor for updates from official advisories.
CVE-2021-37423
Zoho ManageEngine ADSelfService Plus 6111 and prior is vulnerable to linked applications takeover...
ZOHO ManageEngine ADSelfService Plus security vulnerability
ZOHO ManageEngine ADSelfService Plus is ZOHO's integrated self-service password management and single sign-on solution for Active Directory and cloud applications. versions have a security vulnerability that stems from the vulnerability of the system to takeover by linked applications. Detailed...
CVE-2020-4026
The CustomAppsRestResource list resource in Atlassian Navigator Links before version 3.3.23, from version 4.0.0 before version 4.3.7, from version 5.0.0 before 5.0.1, and from version 5.1.0 before 5.1.1 allows remote attackers to enumerate all linked applications, including those that are...
Authorization
The CustomAppsRestResource list resource in Atlassian Navigator Links before version 3.3.23, from version 4.0.0 before version 4.3.7, from version 5.0.0 before 5.0.1, and from version 5.1.0 before 5.1.1 allows remote attackers to enumerate all linked applications, including those that are...
The bundled version of Atlassian Navigator Links contained an incorrect authorization check - CVE-2020-4026
The bundled version of Atlassian Navigator Links plugin in Atlassian Fisheye before version 4.8.2 allows remote attackers to enumerate all linked applications, including those that are restricted or otherwise hidden, through an incorrect authorization check. Additional details about the issue in...
Denial Of Service (DoS)
The libtiff package is vulnerable to Denial of Service (DoS). Due to integer overflow flaws discovered in libtiff, an attacker can create a specially-crafted TIFF file that, when opened, would cause an application linked against libtiff to crash or, possibly, execute arbitrary code...
Fedora 20 : glibc-2.18-9.fc20 (2013-17423)
Existing statically linked applications must be rebuilt to fix CVE-2013-4788. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...
/rest/menu/1.0/appswitcher displays data unauthenticated
"Calling" this function returns data without any authentication required: noformat curl https://support.atlassian.com/rest/menu/latest/appswitcher | python -mjson.tool % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 787 0 787 0 0 531 0...
SuSE 10 Security Update : firefox3-pango (ZYPP Patch Number 7460)
The following bug has been fixed: Specially crafted font files could cause a heap corruption in applications linked against pango. (CVE-2011-0020)
Mandrake Linux Security Advisory : zlib (MDKSA-2005:124)
A previous zlib update (MDKSA-2005:112; CVE-2005-2096) fixed an overflow flaw in the zlib program. While that update did indeed fix the reported overflow issue, Markus Oberhumber discovered additional ways that a specially crafted compressed stream could trigger an overflow. An attacker could creat...