UBUNTU-CVE-2021-4249

A vulnerability was found in xml-conduit. It has been classified as problematic. Affected is an unknown function of the file xml-conduit/src/Text/XML/Stream/Parse.hs of the component DOCTYPE Entity Expansion Handler. The manipulation leads to infinite loop. It is possible to launch the attack...

DEBIAN-CVE-2022-4603

A vulnerability classified as problematic has been found in ppp. Affected is the function dumpppp of the file pppdump/pppdump.c of the component pppdump. The manipulation of the argument spkt.buf/rpkt.buf leads to improper validation of array index. The real existence of this vulnerability is sti...

Design/Logic Flaw

A vulnerability was found in kapetan dns up to 6.1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file DNS/Protocol/Request.cs. The manipulation leads to insufficient entropy in prng. The attack may be launched remotely. Upgrading to version 7.0.0...

CVE-2021-4248 kapetan dns Request.cs entropy

A vulnerability was found in kapetan dns up to 6.1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file DNS/Protocol/Request.cs. The manipulation leads to insufficient entropy in prng. The attack may be launched remotely. Upgrading to version 7.0.0...

CVE-2022-4582

A vulnerability was found in starter-public-edition-4 up to 4.6.10. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 4.6.11 is able to address this issue. The...

CVE-2022-4582 starter-public-edition-4 cross site scripting

A vulnerability was found in starter-public-edition-4 up to 4.6.10. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 4.6.11 is able to address this issue. The...

CVE-2021-4245

A vulnerability classified as problematic has been found in chbrown rfc6902. This affects an unknown part of the file pointer.ts. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. The exploit has been disclosed to the public and may...

CVE-2022-4513 European Environment Agency eionet.contreg cross site scripting

A vulnerability, which was classified as problematic, has been found in European Environment Agency eionet.contreg. This issue affects some unknown processing. The manipulation of the argument searchTag/resourceUri leads to cross site scripting. The attack may be initiated remotely. Upgrading to...

CVE-2022-4522 CalendarXP cross site scripting

A vulnerability classified as problematic was found in CalendarXP up to 10.0.1. This vulnerability affects unknown code. The manipulation leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 10.0.2 is able to address this issue. The name of the patch is...

PT-2022-27448 · Vexim2 · Vexim2

Name of the Vulnerable Software and Affected Versions: vexim2 affected versions not specified Description: A vulnerability has been found in vexim2, affecting some unknown processing, which leads to cross site scripting. The attack may be initiated remotely. Recommendations: To fix this issue, it...

UBUNTU-CVE-2019-25078

A vulnerability classified as problematic was found in pacparser up to 1.3.x. Affected by this vulnerability is the function pacparserfindproxy of the file src/pacparser.c. The manipulation of the argument url leads to buffer overflow. Attacking locally is a requirement. Upgrading to version 1.4....

DEBIAN-CVE-2022-3979

A vulnerability was found in NagVis up to 1.9.33 and classified as problematic. This issue affects the function checkAuthCookie of the file share/server/core/classes/CoreLogonMultisite.php. The manipulation of the argument hash leads to incorrect type conversion. The attack may be initiated...

CVE-2022-3979

A vulnerability was found in NagVis up to 1.9.33 and classified as problematic. This issue affects the function checkAuthCookie of the file share/server/core/classes/CoreLogonMultisite.php. The manipulation of the argument hash leads to incorrect type conversion. The attack may be initiated...

ALPINE-CVE-2022-3970

A vulnerability was found in LibTIFF. It has been classified as critical. This affects the function TIFFReadRGBATileExt of the file libtiff/tifgetimage.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and m...

CVE-2022-3978 NodeBB abort cross-site request forgery

A vulnerability, which was classified as problematic, was found in NodeBB up to 2.5.7. This affects an unknown part of the file /register/abort. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. Upgrading to version 2.5.8 is able to address this...

CVE-2022-3969 OpenKM FileUtils.java getFileExtension temp file

A vulnerability was found in OpenKM up to 6.3.11 and classified as problematic. Affected by this issue is the function getFileExtension of the file src/main/java/com/openkm/util/FileUtils.java. The manipulation leads to insecure temporary file. Upgrading to version 6.3.12 is able to address this...

UBUNTU-CVE-2022-3957

A vulnerability classified as problematic was found in GPAC. Affected by this vulnerability is the function svgparsepreserveaspectratio of the file scenegraph/svgattributes.c of the component SVG Parser. The manipulation leads to memory leak. The attack can be launched remotely. The name of the...

DEBIAN-CVE-2022-3704

A vulnerability classified as problematic has been found in Ruby on Rails. This affects an unknown part of the file actionpack/lib/actiondispatch/middleware/templates/routes/table.html.erb. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The real...

UBUNTU-CVE-2022-3559

A vulnerability was found in Exim and classified as problematic. This issue affects some unknown processing of the component Regex Handler. The manipulation leads to use after free. The name of the patch is 4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2. It is recommended to apply a patch to fix this...

PT-2022-6819 · Ppp +3 · Ppp +3

Name of the Vulnerable Software and Affected Versions: ppp affected versions not specified Description: The issue is related to the function dumpppp of the file pppdump/pppdump.c of the component pppdump. It involves improper validation of array index due to the manipulation of the argument...