6348 matches found
CVE-2021-39275
apescapequotes may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier...
CVE-2021-39275
apescapequotes may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier...
UBUNTU-CVE-2021-39275
apescapequotes may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier...
CVE-2021-39275
apescapequotes may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier...
CVE-2021-39275 ap_escape_quotes buffer overflow
apescapequotes may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier...
Drupal 8.9.x < 8.9.19 Multiple Vulnerabilities
According to its self-reported version, the instance of Drupal running on the remote web server is 8.9.x prior to 8.9.19, 9.1.x prior to 9.1.13, or 9.2.x prior to 9.2.6. It is, therefore, affected by multiple vulnerabilities. - Under some circumstances, the Drupal core JSON:API module does not...
Apache Httpd < 2.4.49 : ap_escape_quotes buffer overflow
apescapequotes may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier...
Improper access control
Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain sensitive information via the 'FileManager.editFile' function in the component 'modules/filemanager/FileManagerController.java'...
CVE-2021-38176
Due to improper input sanitization, an authenticated user with certain specific privileges can remotely call NZDT function modules listed in Solution Section to execute manipulated query or inject ABAP code to gain access to Backend Database. On successful exploitation the threat actor could...
Input validation
Due to improper input sanitization, an authenticated user with certain specific privileges can remotely call NZDT function modules listed in Solution Section to execute manipulated query or inject ABAP code to gain access to Backend Database. On successful exploitation the threat actor could...
PT-2021-7529
Name of the Vulnerable Software and Affected Versions Modicon M340 CPUs versions prior to V3.40 Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 H, BMXNOE0110 H, BMXNOC0401, BMXNOR0200H RTU All Versions Modicon Premium Processors with integrated Ethernet Copro: TSXP574634, TSXP575634,...
PT-2021-7528 · Schneider Electric · Modicon M340 X80 Ethernet Communication Modules +5
Name of the Vulnerable Software and Affected Versions: Modicon M340 CPUs versions prior to V3.40 Modicon M340 X80 Ethernet Communication Modules versions all versions Modicon Premium Processors with integrated Ethernet versions all versions Modicon Quantum Processors with Integrated Ethernet...
Vulnerabilities fixed in Google Android
Google has fixed vulnerabilities in the Android OS. A malicious party could misuse the vulnerabilities to gain access to sensitive data or give himself elevated privileges. To do this, the malicious party must trick the victim into installing a rogue app to install. The vulnerability with referen...
TIGMINT - OSINT (Open Source Intelligence) GUI Software Framework
An OSINT Open Source Intelligence software framework with an objective of making cyber investigations more convinient by implementing abstraction mechanisms to hide the background technical complexity also bundling different analysis techniques for social media Intelligence together providing a...
Zuthaka - An Open Source Application Designed To Assist Red-Teaming Efforts, By Simplifying The Task Of Managing Different APTs And Other Post-Exploitation Tools
A collaborative free open-source Command & Control integration framework that allows developers to concentrate on the core function and goal of their C2. Explore the docs » About the project Problem Statement The current C2s ecosystem has rapidly grown in order to adapt to modern red team...
openSUSE 15 Security Update : xen (openSUSE-SU-2021:2923-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2923-1 advisory. - Observable response discrepancy in some IntelR Processors may allow an authorized user to potentially enable information disclosure via...
SUSE SLED15: xen / xen-devel / xen-libs / xen-tools / xen-tools-domU / etc (SUSE-SU-2021:2923-1)
The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2923-1 advisory. Update to Xen 4.13.3 general bug fix release bsc1027519. Security issues fixed: - CVE-2021-28693: xen/arm: Boot modules are not scrubb...
com.avast:sst-app-monix_3 (>=0.17.0 <=0.19.3), com.avast:sst-app-zio_3 (>=0.17.0 <=0.19.3) +23 more potentially affected by CVE-2021-39185 via org.http4s:http4s-server_3 (>=0.22.0 <=0.22.2)
org.http4s:http4s-server3 MAVEN version =0.22.0, =0.17.0, =0.17.0, =0.16.0, =0.17.0, =0.16.0, =0.17.0, =0.16.0, =0.16.0, =0.17.0, =0.17.0, =0.16.0, =0.16.0, =0.18.1, =0.22.0, =0.22.0, =0.22.15 and more Source cves: CVE-2021-39185 Source advisory: OSV:GHSA-52CF-226F-RHR6...
DEBIAN-CVE-2021-39135
@npmcli/arborist, the library that calculates dependency trees and manages the nodemodules folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed into the expected folder...
UBUNTU-CVE-2021-39135
@npmcli/arborist, the library that calculates dependency trees and manages the nodemodules folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed into the expected folder...