11 matches found
EUVD-2021-26979
Malware in sbrugna...
EUVD-2015-9059
Malware in sbrugna...
USN-7647-1 ledgersmb vulnerabilities
It was discovered that LedgerSMB did not check the origin of HTML fragments. An attacker could possibly use this issue to send a maliciously crafted URL to the server and obtain sensitive information, or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubun...
Cross-site Scripting (XSS)
Overview org.wso2.carbon.identity.framework:org.wso2.carbon.identity.user.store.configuration.ui is an User Store UI component for WSO2 Carbon Affected versions of this package are vulnerable to Cross-site Scripting XSS due to insufficient output encoding in error messages generated by the JDBC...
CVE-2021-32668
TYPO3 is an open source PHP based web content management system. Versions 9.0.0 through 9.5.28, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0 have a cross-site scripting vulnerability. When error messages are not properly encoded, the components QueryGenerator and QueryView are vulnerable to...
Denial of service
A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go before 1.17.13 and 1.18.5, potentially allowing a denial of service...
PT-2022-10851 · Ibm · Ibm Guardium Data Encryption
Name of the Vulnerable Software and Affected Versions: IBM Guardium Data Encryption GDE versions 4.0.0 through 5.0.0 Description: The issue arises from IBM Guardium Data Encryption GDE preparing a structured message for communication with another component, but the encoding or escaping of the dat...
LedgerSMB 跨站脚本漏洞
LedgerSMB is a free web-based double-entry bookkeeping system with quoting, ordering, invoicing, projects, time cards, inventory management, shipping, etc. A cross-site scripting vulnerability exists in LedgerSMB, which stems from the application's failure to adequately encode HTML for error...
ALPINE-CVE-2020-28196
MIT Kerberos 5 aka krb5 before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1encode.c support for BER indefinite lengths lacks a recursion limit...
Hacking AIS
Maritime AIS, or ‘Automatic Identification System’ is used for broadcast and reception of vessel position and information alerts. It has proved invaluable since its introduction in the 1990s and has undoubtedly helped prevent many marine accidents, collisions and related incidents. Previous...
Zend Server Zend Debugger Cross-Site Scripting Vulnerability
Zend Server is a PHP Web development application server from Zend Technologies , which simplifies the development and running of PHP applications in Windows and Linux environments.Zend Debugger is one of the debugging tools. A cross-site scripting vulnerability exists in Zend Debugger in versions...