RHEL 7 : rhnsd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - rhnsd: World-writable PID files CVE-2017-7560 Note that Nessus has not tested for this issue but has instead relied...

RHEL 6 : rubygem-kafo (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - rubygem-kafo: temporary file creation vulnerability when creating /tmp/defaultvalues.yaml CVE-2014-0135 Note that...

PT-2023-6443 · Rails · Rails

Name of the Vulnerable Software and Affected Versions: Rails versions prior to 7.0.4.1 Description: The issue is related to an open redirect vulnerability in Rails, where an attacker could bypass the protection against open redirects by using a carefully crafted URL, resulting in an open redirect...

PT-2023-10000 · Unknown · Aeharding Classroom-Engagement-System

Name of the Vulnerable Software and Affected Versions: aeharding classroom-engagement-system affected versions not specified Description: A critical issue was found, allowing for SQL injection through some unknown functionality. The manipulation can be performed remotely. Recommendations: Apply t...

PT-2022-27227 · Unknown · M0Ver Bible-Online

Name of the Vulnerable Software and Affected Versions: m0ver bible-online affected versions not specified Description: A critical issue has been found in the Search Handler component, specifically in the query function of the src/main/java/custom/application/search.java file. This issue leads to...

CVE-2022-36041 Rizin Out-of-bounds Write vulnerability in Mach-O binary plugin

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when parsing Mach-O files. A user opening a malicious Mach-O file could be affected by this vulnerability, allowing an attacker to execute code on the...

kernel: heap-overflow in mwifiex_set_wmm_params() function of Marvell WiFi driver leading to DoS

A vulnerability found in the Linux kernel's WMM implementation for Marvell WiFi-based hardware mwifiex could lead to a denial of service or allow arbitrary code execution. For this flaw to be executed, the attacker must be both local and privileged. There is no mitigation to this flaw. A patch ha...

kernel: heap-overflow in mwifiex_set_wmm_params() function of Marvell WiFi driver leading to DoS

A vulnerability found in the Linux kernel's WMM implementation for Marvell WiFi-based hardware mwifiex could lead to a denial of service or allow arbitrary code execution. For this flaw to be executed, the attacker must be both local and privileged. There is no mitigation to this flaw. A patch ha...

kernel: heap-overflow in mwifiex_set_wmm_params() function of Marvell WiFi driver leading to DoS

A vulnerability found in the Linux kernel's WMM implementation for Marvell WiFi-based hardware mwifiex could lead to a denial of service or allow arbitrary code execution. For this flaw to be executed, the attacker must be both local and privileged. There is no mitigation to this flaw. A patch ha...

CVE-2020-5218 Ability in Sylius to switch channels via GET parameter enabled in production environments

Affected versions of Sylius give attackers the ability to switch channels via the channelcode GET parameter in production environments. This was meant to be enabled only when kernel.debug is set to true. However, if no syliuschannel.debug is set explicitly in the configuration, the default value...

kernel: heap-overflow in mwifiex_set_wmm_params() function of Marvell WiFi driver leading to DoS

A vulnerability found in the Linux kernel's WMM implementation for Marvell WiFi-based hardware mwifiex could lead to a denial of service or allow arbitrary code execution. For this flaw to be executed, the attacker must be both local and privileged. There is no mitigation to this flaw. A patch ha...

CVE-2010-0349

CVE-2010-0349 concerns the WebCalenderC3 web calendar from C3 Corp. A cross-site scripting (XSS) flaw exists in WebCalenderC3 v0.32 and earlier, with the vendor unable to reproduce it but a patch/security-enhanced version was released. The vulnerability may allow arbitrary script execution in a u...

dmsPOP3.txt

Summary: A buffer overflow exists in DMS POP3 Server for Windows 2000/XP 1.5.3 build 37 http://www.digitalmapping.sk.ca/pop3srv/default.asp and prior versions. Details: A buffer overflow occurs during the POP3 authentication process when an overly long username is supplied. When the username buff...

Vulnerability: OpenBSD 3.5 Kernel Panic.

Hi, I have posted this vulnerability note to CERT and gotten no response. It is remotely exploitable, but since it requires commands to be executed as root on the gateway machine, it is unlikely to cause any unplanned disruption. OpenBSD was contacted, and they provided a patch within 12 hours...

Mandrake Linux Security Advisory : zlib (MDKSA-2003:033)

Richard Kettlewell discovered a buffer overflow vulnerability in the zlib library's gzprintf function. This can be used by attackers to cause a denial of service or possibly even the execution of arbitrary code. Our thanks to the OpenPKG team for providing a patch which adds the necessary configu...

wwwoffle-2.7b and prior segfaults with negative Content-Length value

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 QITEST1 SECURITY ADVISORY 005 wwwoffle-2.7b and prior segfaults with negative Content-Length value PROGRAM DESCRIPTION WWWOFFLE, World Wide Web Offline Explorer, is a proxy HTTP/FTP server for computers with dial-up internet access. DETAILS When...

Courier CPU exhaustion

Title: Courier CPU exhaustion Author: ZARAZA Date: May, 31 2002 Affected: courier-0.38.1 Vendor: Double Precision, Inc. Risk: Low to average Remote: Yes Exploitable: Yes Vendor notified: May, 20 2002 Product URL: http://www.courier-mta.org SECURITY.NNOV URL: http://www.security.nnov.ru Advanced...

wwwboard-bomb.txt

WWWBoard v2.0 ALPHA Vulnerability Recently, many vulnerabilities have been found in the popular WWWBoard script written by Matt Wright, this is yet another. When the followup value in a form posted to the WWWBoard script contains the same post number twice, the script follows up to that post twic...

ssh2-remote-forward.txt

Date: Wed, 30 Dec 1998 00:04:47 +1100 From: Darren Reed To: [email protected] Subject: ssh2 security problem and patch fwd This just came across the ssh list...I've deleted the patch for brievity original length was some 2900 lines. From [email protected] Tue Dec 29 23:13:34 EDT 1998 From:...