SUSE: Security Advisory (SUSE-SU-2017:1910-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

binutils security update

2.30-79.0.1 - Forward-port Oracle patches from 2.30-75.0.1 - Reviewed-by: Jose E. Marchesi 2.30-79 - Fix x86 assemblers handling of non-8-bit displacements. 1869401 2.30-77 - Add tests missing from PTGNUSEGMENT patch. 1870039 2.30-75.0.1 - Forward-port Oracle patches to OL8.3 beta. 2.30-76 - Have...

Zimbra Collaboration Suite ProxyServlet Server Side Request Forgery

Added: 06/06/2019 CVE: CVE-2019-9621 Background Zimbra Collaboration Suite is an email, calendar, and collaboration solution for enterprises. Problem The ProxyServlet component allows a remote attacker to upload arbitrary files, which can then be executed, using XML External Entity injection and...

Security Bulletin: IBM QRadar SIEM is vulnerable to Information Exposure (CVE-2018-1729)

Summary The product discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. Vulnerability Details CVEID: CVE-2018-1729 Description: IBM QRadar discloses sensitive information to unauthorized users. The information can be used to...

Sql injection

reportviewer.do in ServiceNow Release Jakarta Patch 8 and earlier allows remote attackers to execute arbitrary code via '$xyz' Glide Scripting Injection in the sysparmmedia parameter...

CVE-2018-7748

reportviewer.do in ServiceNow Release Jakarta Patch 8 and earlier allows remote attackers to execute arbitrary code via '$xyz' Glide Scripting Injection in the sysparmmedia parameter...

CVE-2018-7748

reportviewer.do in ServiceNow Release Jakarta Patch 8 and earlier allows remote attackers to execute arbitrary code via '$xyz' Glide Scripting Injection in the sysparmmedia parameter...

CVE-2018-7748

CVE-2018-7748 affects ServiceNow (Report_viewer.do) on Jakarta releases up to Patch 8, via a Glide Scripting Injection in the sysparm_media parameter. The underlying issue is remote arbitrary code execution. The provided sources identify the vulnerable component as report_viewer.do and the inject...

McAfee VirusScan Enterprise CVE-2016-8030 Memory Corruption Vulnerability - Windows

McAfee VirusScan Enterprise for Windows is prone to a remote memory-corruption vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only C...

HP-UX Security Patch : PHSS_33392

X OV NNM7.01 Intermediate Patch 8 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26800; scriptversion"1.9"; scriptsetattributeattribute:"pluginmodificationdate", value:"2021/01/11"...

Cross site scripting

Cross-site scripting XSS vulnerability in the Hosting Control Panel psoft.hsphere.CP in Positive Software H-Sphere 2.4.3 Patch 8 and earlier allows remote attackers to inject arbitrary web script or HTML via the login parameter in a login action...