21 matches found
EUVD-2014-2769
Malware in sbrugna...
EUVD-2012-4594
Malware in sbrugna...
EUVD-2022-50393
Malicious code in bioql PyPI...
CVE-2022-47634
M-Link Archive Server in Isode M-Link R16.2v1 through R17.0 before R17.0v24 allows non-administrative users to access and manipulate archive data via certain HTTP endpoints, aka LINK-2867...
CVE-2012-4669
M-Link R14.6 before R14.6v14 and R15.1 before R15.1v10 does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via responses for domains that were not asserted...
CVE-2022-47634
M-Link Archive Server in Isode M-Link R16.2v1 through R17.0 before R17.0v24 allows non-administrative users to access and manipulate archive data via certain HTTP endpoints, aka LINK-2867...
CVE-2022-47634
M-Link Archive Server in Isode M-Link R16.2v1 through R17.0 before R17.0v24 allows non-administrative users to access and manipulate archive data via certain HTTP endpoints, aka LINK-2867...
Code injection
M-Link Archive Server in Isode M-Link R16.2v1 through R17.0 before R17.0v24 allows non-administrative users to access and manipulate archive data via certain HTTP endpoints, aka LINK-2867...
CVE-2022-47634
Isode M‑Link vulnerability CVE-2022-47634 affects Isode M-Link versions R16.2v1 through R17.0 prior to R17.0v24. The issue allows non‑administrative users to access and manipulate archive data via certain HTTP endpoints (LINK-2867). Remediation per PT-2023-15445 is to upgrade to version R17.0v24 ...
CVE-2022-47634
M-Link Archive Server in Isode M-Link R16.2v1 through R17.0 before R17.0v24 allows non-administrative users to access and manipulate archive data via certain HTTP endpoints, aka LINK-2867...
CVE-2022-47634
M-Link Archive Server in Isode M-Link R16.2v1 through R17.0 before R17.0v24 allows non-administrative users to access and manipulate archive data via certain HTTP endpoints, aka LINK-2867...
PT-2023-15445 · Isode · M-Link
Name of the Vulnerable Software and Affected Versions: Isode M-Link versions R16.2v1 through R17.0 before R17.0v24 Description: The issue allows non-administrative users to access and manipulate archive data via certain HTTP endpoints. Recommendations: For versions R16.2v1 through R17.0 before...
Isode M-Link 安全漏洞
Isode M-Link is an Isode core instant messaging and status server based on the XMPP Extensible Messaging and Status Protocol standard from Isode UK. A security vulnerability exists in Isode M-Link versions R16.2v1 through R17.0v23, which stems from a vulnerability that allows unmanaged users to...
CVE-2014-2742
Isode M-Link before 16.0v7 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service resource consumption via a crafted XMPP stream, aka an "xmppbomb" attack...
Code injection
Isode M-Link before 16.0v7 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service resource consumption via a crafted XMPP stream, aka an "xmppbomb" attack...
CVE-2014-2742
Isode M-Link before 16.0v7 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service resource consumption via a crafted XMPP stream, aka an "xmppbomb" attack...
CVE-2014-2742
Summary: CVE-2014-2742 affects Isode M-Link prior to version 16.0v7. The issue is a failure to properly restrict the processing of compressed XML elements, enabling a remote attacker to trigger a denial of service through a crafted XMPP stream (an “xmppbomb”). Affected software: Isode M-Link (bef...
Cross site request forgery (csrf)
M-Link R14.6 before R14.6v14 and R15.1 before R15.1v10 does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via responses for domains that were not asserted...
CVE-2012-4669
M-Link R14.6 before R14.6v14 and R15.1 before R15.1v10 does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via responses for domains that were not asserted...
CVE-2012-4669
The CVE-2012-4669 entry concerns M-Link R14.6 (before R14.6v14) and R15.1 (before R15.1v10). The vulnerability arises because the XMPP Server Dialback verification does not verify that a request was made for a Dialback response, enabling remote XMPP servers to spoof domains via responses for doma...