79 matches found
EUVD-2019-4599
Malware in sbrugna...
EUVD-2008-0726
Malware in sbrugna...
EUVD-2023-26238
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2019-13031
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LemonLDAP::NG before 1.9.20 has an XML External Entity XXE issue when submitting a notification to the notification server. By default, the notification server ...
CVE-2023-22073
Vulnerability in the Oracle Notification Server component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows unauthenticated attacker with access to the physical communication segment attached to the hardware wher...
CVE-2019-13031
LemonLDAP::NG before 1.9.20 has an XML External Entity XXE issue when submitting a notification to the notification server. By default, the notification server is not enabled and has a "deny all" rule...
CVE-2022-36978
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Notification...
Gorush 安全漏洞
Gorush is a push notification server written in Go by Bo-Yi Wu, an individual developer. A security vulnerability exists in Gorush v1.18.4, which stems from the use of a deprecated version of TLS in the RunHTTPServer function. An attacker can use this vulnerability to intercept and manipulate dat...
CVE-2023-22073
Vulnerability in the Oracle Notification Server component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows unauthenticated attacker with access to the physical communication segment attached to the hardware wher...
CVE-2023-22073
Vulnerability in the Oracle Notification Server component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows unauthenticated attacker with access to the physical communication segment attached to the hardware wher...
Buffer overflow
Vulnerability in the Oracle Notification Server component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows unauthenticated attacker with access to the physical communication segment attached to the hardware wher...
CVE-2023-22073
CVE-2023-22073 affects Oracle Database Server’s Oracle Notification Server component. Affected versions are 19.3–19.20 and 21.3–21.11. The vulnerability allows an unauthenticated attacker with access to the physical network segment to compromise Oracle Notification Server and read a subset of dat...
Oracle Database Server Security Vulnerability
Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing, and other functions. A security vulnerability in the Oracle Notification Server component of Oracle Databas...
CVE-2023-3663
In CODESYS Development System versions from 3.5.11.20 and before 3.5.19.20 a missing integrity check might allow an unauthenticated remote attacker to manipulate the content of notifications received via HTTP by the CODESYS notification server...
CVE-2023-3663
CVE-2023-3663 concerns the CODESYS Development System: versions 3.5.11.0–3.5.19.20 suffer a missing integrity check in the HTTP notification content, allowing an unauthenticated remote attacker to manipulate notifications sent by the CODESYS notification server. This can enable MITM-style manipul...
CVE-2023-3663 CODESYS: Missing integrity check in CODESYS Development System
In CODESYS Development System versions from 3.5.11.20 and before 3.5.19.20 a missing integrity check might allow an unauthenticated remote attacker to manipulate the content of notifications received via HTTP by the CODESYS notification server...
CODESYS Development System Data Falsification Issue Vulnerability
3s-smart Software Solutions CODESYS Development System is a suite of programming tools for the field of industrial controllers and automation technology from 3s-smart Software Solutions, Germany. A data forgery vulnerability exists in CODESYS Development System versions 3.5.11.20 through 3.5.19.2...
PT-2023-4166 · 3S Smart Software Solutions · Codesys Development System
Name of the Vulnerable Software and Affected Versions: CODESYS Development System versions 3.5.11.20 through 3.5.19.20 Description: The issue is related to insufficient data authentication in the CODESYS Development System, which may allow a remote attacker to modify the content of notifications...
CVE-2022-36978
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Notification...
CVE-2022-36978
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Notification...