8 matches found
CVE-2024-8032 Smooth Gallery Replacement <= 1.0 - CSRF to Stored XSS
The Smooth Gallery Replacement WordPress plugin through 1.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...
MAL-2025-318 Malicious code in webpack-extensive-lodash-replacement-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 845800d2390e86cf58dcd05fd029a2ff2a064fef8ec1bc60b2ad041467db4fdb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
AIX 7.2 TL 1 : ntp (IV92067) (deprecated)
NTPv3 and NTPv4 are vulnerable to : https://vulners.com/cve/CVE-2016-7427 NTP is vulnerable to a denial of service, caused by an error in broadcast mode replay prevention functionality. By sending specially crafted NTP packets, a local attacker could exploit this vulnerability to cause a denial o...
AIX 7.1 TL 4 : ntp (IV91951) (deprecated)
NTPv3 and NTPv4 are vulnerable to : https://vulners.com/cve/CVE-2016-7427 NTP is vulnerable to a denial of service, caused by an error in broadcast mode replay prevention functionality. By sending specially crafted NTP packets, a local attacker could exploit this vulnerability to cause a denial o...
AIX 5.3 TL 12 : nettcp (IV88957) (SLOTH) (deprecated)
https://vulners.com/cve/CVE-2015-7575 The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle...
AIX 6.1 TL 9 : bind (IV84456) (deprecated)
https://vulners.com/cve/CVE-2016-1285 ISC BIND is vulnerable to a denial of service, caused by the improper handling of control channel input. By sending a specially crafted packet, a remote attacker could exploit this vulnerability to trigger an assertion failure in sexpr.c or alist.c and cause...
AIX 7.1 TL 4 : bind (IV84458) (deprecated)
https://vulners.com/cve/CVE-2016-1285 ISC BIND is vulnerable to a denial of service, caused by the improper handling of control channel input. By sending a specially crafted packet, a remote attacker could exploit this vulnerability to trigger an assertion failure in sexpr.c or alist.c and cause...
AIX 5.3 TL 12 : bind (IV85298) (deprecated)
https://vulners.com/cve/CVE-2016-1285 ISC BIND is vulnerable to a denial of service, caused by the improper handling of control channel input. By sending a specially crafted packet, a remote attacker could exploit this vulnerability to trigger an assertion failure in sexpr.c or alist.c and cause...