92 matches found
EUVD-2026-19484
OCS Inventory NG Server version 2.12.3 and prior contain a stored cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript by submitting malicious User-Agent HTTP headers to the /ocsinventory endpoint. Attackers can register rogue agents or craft...
EUVD-2009-0669
Malware in sbrugna...
EUVD-2023-44361
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-3726
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OCSInventory allow stored email template with special characters that lead to a Stored cross-site Scripting. CVE-2023-3726 Note that Nessus relies on the presen...
Ubuntu: Security Advisory (USN-6914-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DEBIAN-CVE-2023-3726
OCSInventory allow stored email template with special characters that lead to a Stored cross-site Scripting...
CVE-2023-3726
OCSInventory allow stored email template with special characters that lead to a Stored cross-site Scripting...
UBUNTU-CVE-2023-3726
OCSInventory allow stored email template with special characters that lead to a Stored cross-site Scripting...
CVE-2023-3726
OCSInventory allow stored email template with special characters that lead to a Stored cross-site Scripting...
CVE-2023-3726 OCSInventory-ocsreports 2.12.0 - Stored cross-site Scripting
OCSInventory allow stored email template with special characters that lead to a Stored cross-site Scripting...
CVE-2023-3726 OCSInventory-ocsreports 2.12.0 - Stored cross-site Scripting
OCSInventory allow stored email template with special characters that lead to a Stored cross-site Scripting...
CVE-2023-3726
Summary of CVE-2023-3726 : The vulnerability affects OCSInventory (notably the email template handling) where a stored cross-site scripting (Stored XSS) condition arises from allowing templates to contain special characters. The root cause, as described, is the improper handling of content in a s...
PT-2023-25863 · Unknown +1 · Ocs Inventory Ng +1
Name of the Vulnerable Software and Affected Versions: OCSInventory affected versions not specified Description: The issue allows stored email templates with special characters, leading to a Stored cross-site Scripting. Recommendations: At the moment, there is no information about a newer version...
Debian: Security Advisory (DLA-3486-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3486-1] ocsinventory-server update for php-cas
Debian LTS Advisory DLA-3486-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost July 08, 2023 https://wiki.debian.org/LTS Package : ocsinventory-server Version : 2.5+dfsg1-1+deb10u1 CVE ID : n/a Debian Bug : The source package ocsinventory-server, a Hardware and...
DLA-3486-1 ocsinventory-server - security update
Bulletin has no description...
SUSE CVE-2010-4777
The Perlregnumberedbufffetch function in Perl 5.10.0, 5.12.0, 5.14.0, and other versions, when running with debugging enabled, allows context-dependent attackers to cause a denial of service assertion failure and application exit via crafted input that is not properly handled when using certain...
Mageia: Security Advisory (MGASA-2014-0317)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for ocsinventory-agent (FEDORA-2020-4c8a066b83)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 31 : ocsinventory-agent (2020-4c8a066b83)
Per Upstream, a malicious CA could result in unexpected inventory access with the System CA patch. The risk is very low. That patch is now dropped. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempte...