30 matches found
SUSE CVE-2013-2724
Stack-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to execute arbitrary code via unspecified vectors...
WordPress 插件跨站脚本漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in the Smart...
CVE-2021-35658
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. The supported version that is affected is 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...
PortlandLabs Concrete CMS 路径遍历漏洞
PortlandLabs Concrete Cms is a team-oriented open source content management system from PortlandLabs, Inc. PortlandLabs Concrete CMS 8.5.5 and earlier has a security vulnerability that could be exploited by an attacker to cause path traversal in RCE via an external form by adding regular...
CVE-2021-2423
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. The supported version that is affected is 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...
Kaseya VSA SQL注入漏洞
Kaseya VSA is the RMM Remote Monitoring and Management software commonly used by Kaseya's Managed Service Providers MSPs in the United States to manage their customers' networks. A SQL injection vulnerability exists in Kaseya VSA versions prior to 9.5.5, which can be exploited by an attacker to...
LibSass Denial of Service Vulnerability (CNVD-2018-24636)
LibSass is an open source written in C using Sass CSS extension language parser . A denial of service vulnerability exists in the inspect.cpp file in LibSass version 3.5.5, which can be exploited by an attacker to cause a denial of service with the help of a specially crafted sass input file...
nodejs ejs cross-site scripting vulnerability
nodejs ejs is an embedded JavaScript template with flow control, customizable delimiters and escaped output. A cross-site scripting vulnerability exists in the 'ejs.renderFile' function in versions of nodejs ejs prior to 2.5.5. A remote attacker can exploit the vulnerability to inject code...
CVE-2017-10251
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: Test Framework. Supported versions that are affected are 8.54 and 8.55. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where PeopleSoft...
PT-2012-6296 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.5.5 Description: The issue concerns the netlink sendmsg function in the Linux kernel, which fails to validate the dst pid field. This allows local users to potentially spoof Netlink messages, although the exac...