7654 matches found
CVE-2021-4091
A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send a series of search requests, forcing the server to behave unexpectedly, and crash...
Double free
A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send a series of search requests, forcing the server to behave unexpectedly, and crash...
CVE-2021-4091
A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send a series of search requests, forcing the server to behave unexpectedly, and crash...
UBUNTU-CVE-2021-4091
A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send a series of search requests, forcing the server to behave unexpectedly, and crash...
CVE-2021-4091
Summary : CVE-2021-4091 is a vulnerability in 389-ds-base. A double-free in the handling of the virtual attributes context during persistent searches can cause the OpenLDAP server to crash. Multiple advisories confirm affected releases and provide fixed packages across distros (e.g., Debian 1.4.4...
Priceel CMS - Multiple Persistent Web Vulnerabilities
Document Title: =============== Priceel CMS - Multiple Persistent Web Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2297 Release Date: ============= 2022-02-18 Vulnerability Laboratory ID VL-ID: ==================================== 229...
CVE-2021-4091
A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send a series of search requests, forcing the server to behave unexpectedly, and crash...
CVE-2021-4091
A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send a series of search requests, forcing the server to behave unexpectedly, and crash...
Baby Golang-Based Botnet Already Pulling in $3K/Month for Operators
There’s a new, still-under-development, Golang-based botnet called Kraken with a level of brawn that belies its youth: It’s using the SmokeLoader malware loader to spread like wildfire and is already raking in a tidy USD $3,000/month for its operators, researchers report. Though its name may soun...
CVE-2022-20653 Cisco Email Security Appliance DNS Verification Denial of Service Vulnerability
A vulnerability in the DNS-based Authentication of Named Entities DANE email verification component of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability...
MartFury Marketplace Cross Site Scripting
Document Title: =============== MartFury Marketplace - Cross Site Scripting Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2282 Release Date: ============= 2022-02-17 Vulnerability Laboratory ID VL-ID: ====================================...
Updated php-adodb packages fix security vulnerability
Security hotfix release addressing a critical vulnerability in PostgreSQL connections CVE-2021-3850 Additional fixes: Fix usage of getmagic functions 619 657 Fix PHP warning in rs2rs function 679 pdo: Fix Fatal error in query 666 pdo: Fix undefined variable 678 pgsql: Fix Fatal error in close...
CVE-2021-4046
The mtxtNom y mtxtCognoms parameters in TCMAN GIM v8.01 allow an attacker to perform persistent XSS attacks. This vulnerability could be used to carry out a number of browser-based attacks including browser hijacking or theft of sensitive data...
CVE-2021-4046
The mtxtNom y mtxtCognoms parameters in TCMAN GIM v8.01 allow an attacker to perform persistent XSS attacks. This vulnerability could be used to carry out a number of browser-based attacks including browser hijacking or theft of sensitive data...
Cross site scripting
The mtxtNom y mtxtCognoms parameters in TCMAN GIM v8.01 allow an attacker to perform persistent XSS attacks. This vulnerability could be used to carry out a number of browser-based attacks including browser hijacking or theft of sensitive data...
PT-2022-11246 · Tcman Gim · Tcman Gim
Name of the Vulnerable Software and Affected Versions: TCMAN GIM version 8.01 Description: The issue allows an attacker to perform persistent XSS attacks using the m txtNom and m txtCognoms parameters. This could be used to carry out browser-based attacks, including browser hijacking or theft of...
CVE-2022-0020
A stored cross-site scripting XSS vulnerability in Palo Alto Network Cortex XSOAR web interface enables an authenticated network-based attacker to store a persistent javascript payload that will perform arbitrary actions in the Cortex XSOAR web interface on behalf of authenticated administrators...
CVE-2022-0020
A stored cross-site scripting XSS vulnerability in Palo Alto Network Cortex XSOAR web interface enables an authenticated network-based attacker to store a persistent javascript payload that will perform arbitrary actions in the Cortex XSOAR web interface on behalf of authenticated administrators...
Cross site scripting
A stored cross-site scripting XSS vulnerability in Palo Alto Network Cortex XSOAR web interface enables an authenticated network-based attacker to store a persistent javascript payload that will perform arbitrary actions in the Cortex XSOAR web interface on behalf of authenticated administrators...
Apache Pulsar Input Validation Error Vulnerability
Apache Pulsar is the United States Apache Apache Foundation for cloud environments, set of messages, storage, lightweight functional computing as one of the distributed message flow platform. The software supports multi-tenant, persistent storage, multi-machine room cross-region data replication,...