755 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-27775
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavio...
Linux Distros Unpatched Vulnerability : CVE-2015-8952
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The mbcache feature in the ext2 and ext4 filesystem implementations in the Linux kernel before 4.6 mishandles xattr block caching, which allows local users to...
Linux Distros Unpatched Vulnerability : CVE-2019-25078
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability classified as problematic was found in pacparser up to 1.3.x. Affected by this vulnerability is the function pacparser_find_proxy of the file...
Huawei EulerOS: Security Advisory for libsoup (EulerOS-SA-2025-1177)
The remote host is missing an update for the Huawei EulerOS...
VMware Aria Operations Information Disclosure (VMSA-2025-0003)
The version of VMware Aria Operations running on the remote host is missing a vendor supplied patch. It is, therefore, affected by an information disclosure vulnerability that a malicious user with non-administrative privileges could exploit to retrieve credentials for an outbound plugin if a vali...
CVE-2024-29193 GHSL-2023-207 go2rtc DOM-based Cross-site Scripting vulnerability
go2rtc is a camera streaming application. Versions 1.8.5 and prior are vulnerable to DOM-based cross-site scripting. The index page index.html shows the available streams by fetching the API on the client side. Then, it uses Object.entries to iterate over the result whose first item name gets...
CVE-2024-24559 Vyper SHA3 code generation bug
Vyper is a Pythonic Smart Contract Language for the EVM. There is an error in the stack management when compiling the IR for sha3_64. Concretely, the height variable is miscalculated. The vulnerability can't be triggered without writing the IR by hand; that is, it cannot be triggered from regular...
CVE-2023-49085
CVE-2023-49085 affects Cacti up to 1.2.25 (pollers.php) via SQL injection in pollers.php, with public references describing an attack path leading to remote code execution when combined with other vulnerabilities. Exploitation is demonstrated in a Metasploit module (requires auth with Sites/Devic...
haproxy: Incomplete fix for CVE-2021-39242 in OpenShift 4.9
The release of OpenShift 4.9.6 included four CVE fixes for the haproxy package; however, the patch for CVE-2021-39242 was missing. This issue only affects OpenShift 4.9...
AIX 5.3 TL 12 : solaris (IJ10554)
https://vulners.com/cve/CVE-2017-3623 An unspecified vulnerability in Oracle Sun Systems related to the Solaris Kernel RPC component could allow an unauthenticated attacker to take control of the system.
Oracle Enterprise Manager Ops Center Remote Code Execution (October 2017 CPU)
The version of Oracle Enterprise Manager Ops Center installed on the remote host is missing a security patch. It is, therefore, affected by a remote code execution vulnerability. Refer to the October 2017 CPU for details on this vulnerability. TRUSTED...
cif-bennes.com XSS vulnerability
Vulnerable URL:...
kuband.fta.channels.drsat.ca XSS vulnerability
Vulnerable URL: http://kuband.fta.channels.drsat.ca/cfm/drsat/channels.cfm?page=43======7,2=5=Keritzy%22%3EKeirtzy%3Cimg%20src=x%20onerror=prompt/XSSPOSED/%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 11.01.2018 Vulnerability type:| XSS Vulnerability status:|...
minasinova.com.br Open Redirect vulnerability
Vulnerable URL: http://minasinova.com.br/?adsclick=1=6904-6903-3557-900-3=20874b780e=http%3A%2F%2Fopenbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 06.01.2018 Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank| 2748883...
oyster-suhyup.co.kr XSS vulnerability
Vulnerable URL: http://www.oyster-suhyup.co.kr/bddefault/bdDefaultView.do?searchCondition=/%27%22--!%3E%20%3Cimg%20src=x%20onerror=alert%22openbugbounty%22%3E==/%27%22--!%3E%20%3Cimg%20src=x%20onerror=alert%22openbugbounty%22%3E/bddefault/bdDefaultList.do=1bdseq=145idx=12395 Details: Description|...
laferretcapienne.fr XSS vulnerability
Vulnerable URL: http://www.laferretcapienne.fr/rechercher.php Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.10.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Check...
карьера.ноу-хау.рф XSS vulnerability
Vulnerable URL: http://карьера.ноу-хау.рф/resume/?CITY=112%27-prompt%27XSSPOSED%27-%27=30794%27-prompt%27XSSPOSED%27-%27 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 29.08.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / No...
AXIS gSOAP Message Handling RCE (ACV-116267) (Devil's Ivy)
The remote AXIS device is running a firmware version that is missing a security patch. It is, therefore, affected by a remote code execution vulnerability, known as Devil's Ivy, due to an overflow condition that exists in a third party SOAP library gSOAP. An unauthenticated, remote attacker can...
taokaenoi.co.th XSS vulnerability
Vulnerable URL: http://www.taokaenoi.co.th/sendtofriend.php Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 718048 VIP website status:| No Check taokaenoi.co.th SSL connection:|...
lobeline.net XSS vulnerability
Vulnerable URL:...