19 matches found
CVE-2026-44308
Spring Cloud AWS simplifies using AWS managed services in Spring and Spring Boot applications. From 3.0.0 to 4.0.1, applications using Spring Cloud AWS SNS HTTP/HTTPS endpoint support @NotificationMessageMapping, @NotificationSubscriptionMapping, @NotificationUnsubscribeConfirmationMapping did n...
EUVD-2018-8121
Malware in sbrugna...
MantisBT Host Header Injection vulnerability
Impact: Knowing a user's email address and username, an unauthenticated attacker can hijack the user's account by poisoning the link in the password reset notification message. Patches: https://github.com/mantisbt/mantisbt/commit/7055731d09ff12b2781410a372f790172e279744 Workarounds: Define $gpath as...
CVE-2024-23830 MantisBT Host Header Injection vulnerability
MantisBT is an open source issue tracker. Prior to version 2.26.1, an unauthenticated attacker who knows a user's email address and username can hijack the user's account by poisoning the link in the password reset notification message. A patch is available in version 2.26.1. As a workaround,...
CVE-2023-37829
A cross-site scripting (XSS) vulnerability in General Solutions Steiner GmbH CASE 3 Taskmanagement V 3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the notification.message parameter...
General Solutions Steiner CASE 3 Taskmanagement Cross-Site Scripting Vulnerability
General Solutions Steiner CASE 3 Taskmanagement is an application from General Solutions Steiner, Austria. A security vulnerability exists in General Solutions Steiner CASE 3 Taskmanagement version V3.3. An attacker can exploit this vulnerability to execute arbitrary web script or HTML via a...
Juniper Junos OS Vulnerability (JSA11009)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA11009 advisory. - A race condition vulnerability on Juniper Network Junos OS devices may cause the routing protocol daemon (RPD) process to crash and restart while processing a BGP NOTIFICATI...
Notimoo Cross-Site Scripting Vulnerability
Notimoo is a method for web developers to display notifications to users. PaquitoSoftware Notimoo suffers from a cross-site scripting vulnerability that can be exploited by attackers to execute arbitrary web script or HTML via a carefully crafted header or message in a notification...
Exploit for Cross-site Scripting in Seafile
CVE-2021-30146 Seafile 7.0.5 Persistent XSS Suggested descri...
Denial Of Service (DoS)
Pidgin is vulnerable to denial of service (DoS). The vulnerability exists as multiple NULL pointer dereference flaws were found in the way the Pidgin Yahoo! Messenger Protocol plug-in handled malformed YMSG packets. A remote attacker could use these flaws to crash Pidgin via a specially-crafted...
CVE-2020-1613
A vulnerability in the BGP FlowSpec implementation may cause a Juniper Networks Junos OS device to terminate an established BGP session upon receiving a specific BGP FlowSpec advertisement. The BGP NOTIFICATION message that terminates an established BGP session is sent toward the peer device that...
EulerOS Virtualization 2.5.3 : systemd (EulerOS-SA-2019-1180)
According to the versions of the systemd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way systemd handled empty notification messages. A local attacker could use this flaw to make systemd...
CVE-2018-5133
If the "app.support.baseURL" preference is changed by a malicious local program to contain HTML and script content, this content is not sanitized. It will be executed if a user loads "chrome://browser/content/preferences/in-content/preferences.xul" directly in a tab and executes a search. This...
Description of the cumulative update for Lync Server 2010, Administrative Tools: February 2012
Describes the issues that are resolved in the cumulative update package for Lync Server 2010, Administration Tools that is dated February 2012. Summary: This article describes the issues that are fixed in the update package for Microsoft Lync Server 2010, Administration Tools that is dated February...
RHEL 6 : pidgin (RHSA-2011:0616)
The remote Red Hat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:0616 advisory. Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. Multiple...
Cross-site Scripting with Local Privilege Vulnerability in Yahoo Messenger
DESCRIPTION: I’ve found a cross-site scripting vulnerability in Yahoo! Messenger, a popular advertisement-supported instant messaging client and protocol provided by Yahoo! Attacker can inject a malicious script with local privilege to Y!M notification message. The vulnerability is discovered in...
Symantec Antivirus format string security vulnerability
Format string vulnerability in Virus Alert Notification Message templates...