13939 matches found
MiracleLinux 4 : samba-3.6.23-25.AXS4 (AXSA:2016-137:02)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-137:02 advisory. Samba is the suite of programs by which a lot of PC-related machines share files, printers, and other information such as lists of available files and printer...
MiracleLinux 4 : subversion-1.6.11-2.AXS4.2 (AXSA:2011-60:01)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-60:01 advisory. Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files an...
MiracleLinux 4 : samba-3.5.10-116.AXS4 (AXSA:2012-543:03)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-543:03 advisory. Samba is the suite of programs by which a lot of PC-related machines share files, printers, and other information such as lists of available files and printer...
MiracleLinux 4 : mysql-5.1.52-1.AXS4.1 (AXSA:2011-32:01)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-32:01 advisory. MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many...
CVE-2023-43843
Incorrect access control in the account management function of web interface in Aten PE6208 2.3.228 and 2.4.232 allows remote authenticated users to read user and administrator accounts passwords via HTTP GET request...
CVE-2023-43847
Incorrect access control in the outlet control function of web interface in Aten PE6208 2.3.228 and 2.4.232 allows remote authenticated users to control all the outlets as if they were the administrator via HTTP POST requests...
CVE-2009-4053
Multiple directory traversal vulnerabilities in Home FTP Server 1.10.1.139 allow remote authenticated users to 1 create arbitrary directories via directory traversal sequences in an MKD command or 2 create files with any contents in arbitrary directories via directory traversal sequences in a fil...
CVE-2009-4329
Unspecified vulnerability in the Engine Utilities component in IBM DB2 9.5 before FP5 allows remote authenticated users to cause a denial of service segmentation fault by modifying the db2ra data stream sent in a request from the Load Utility...
CVE-2009-4963
Cross-site scripting XSS vulnerability in the Commerce extension before 0.9.9 for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
CVE-2009-4159
Cross-site scripting XSS vulnerability in the newsletter configuration feature in the backend module in the Direct Mail directmail extension 2.6.4 and earlier for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
CVE-2009-4595
SQL injection vulnerability in index.php in PHP Inventory 1.2 allows remote authenticated users to execute arbitrary SQL commands via the supid parameter in a suppliers details action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party informatio...
CVE-2009-4328
Unspecified vulnerability in the DRDA Services component in IBM DB2 9.5 before FP5 allows remote authenticated users to cause a denial of service server trap by calling a SQL stored procedure in unknown circumstances...
CVE-2009-4922
Unspecified vulnerability on Cisco Adaptive Security Appliances ASA 5580 series devices with software before 8.12 allows remote authenticated users to cause a denial of service traceback by establishing many IPsec L2L tunnels from remote peer IP addresses, aka Bug ID CSCso15583...
CVE-2010-0215
ActiveCollab before 2.3.2 allows remote authenticated users to bypass intended access restrictions, and 1 delete an attachment or 2 subscribe to an object, via a crafted URL...
CVE-2010-0501
Directory traversal vulnerability in FTP Server in Apple Mac OS X Server before 10.6.3 allows remote authenticated users to read arbitrary files via crafted filenames...
CVE-2010-0142
MeetingTime in Cisco Unified MeetingPlace 6 before MR5, and possibly 5, allows remote authenticated users to gain privileges via a modified authentication sequence, aka Bug ID CSCsv66530...
CVE-2022-38844
CSV Injection in Create Contacts in EspoCRM 7.1.8 allows remote authenticated users to run system commands via creating contacts with payloads capable of executing system commands. Admin user exporting contacts in CSV file may end up executing the malicious system commands on his system...
CVE-2022-26595
Liferay Portal 7.3.7, 7.4.0, and 7.4.1, and Liferay DXP 7.2 fix pack 13, and 7.3 fix pack 2 does not properly check user permission when accessing a list of sites/groups, which allows remote authenticated users to view sites/groups via the user's site membership assignment UI...
CVE-2011-0861
Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 Update 2011-B and 9.1 Update 2011-B allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Global Payroll Core...
CVE-2011-0799
Unspecified vulnerability in the Oracle Warehouse Builder component in Oracle Database Server 10.2.0.5 OWB, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Oracle Warehouse Builder User Account...