Siemens SINEC INS 资源管理错误漏洞

Siemens SINEC INS is a software from Siemens, Germany, that provides centralized services for network infrastructures. An uncontrolled resource consumption vulnerability exists in Siemens SINEC INS, which can be exploited by an attacker to trigger a large number of logged events to exhaust system...

Ubuntu Update for pidgin vulnerability USN-548-1

Ubuntu Update for Linux kernel vulnerabilities USN-548-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN5481.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for pidgin vulnerability USN-548-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Logging event information is not HTML encoded in 500 error page

The Confluence 500 error page lists logging events generated during the request the produced the 500 error page. The strings rendered from this event are not HTML encoded, leaving open a chance for an attacker to exploit this via XSS. I haven't yet investigated to see whether this is actually...

Logging event information is not HTML encoded in 500 error page

The Confluence 500 error page lists logging events generated during the request the produced the 500 error page. The strings rendered from this event are not HTML encoded, leaving open a chance for an attacker to exploit this via XSS. I haven't yet investigated to see whether this is actually...

CVE-1999-0576

A Windows NT system's file audit policy does not log an event success or failure for security-critical files or directories...