8 matches found
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : CarrierWave vulnerabilities (USN-7497-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7497-1 advisory. Rikita Ishikawa discovered that CarrierWave did not correctly sanitize certain inputs. An attacker could possibly use...
CVE-2025-27392
A vulnerability has been identified in SCALANCE LPE9403 6GK5998-3GS00-2AC2 All versions V4.0. Affected devices do not properly sanitize user input when creating new VXLAN configurations. This could allow an authenticated highly-privileged remote attacker to execute arbitrary code on the device...
CVE-2025-24480 FactoryTalk® View Machine Edition - Remote Code Execution
A Remote Code Execution Vulnerability exists in the product and version listed above. The vulnerability is due to lack of input sanitation and could allow a remote attacker to run commands or code as a high privileged user...
PT-2022-21147 · WordPress · Advanced Comment Form
Name of the Vulnerable Software and Affected Versions: Advanced Comment Form WordPress plugin versions prior to 1.2.1. Description: The issue allows high privilege users, such as admins, to perform cross-site scripting attacks. This is possible because the plugin does not properly sanitise and...
SUSE-SU-2022:0509-1 Security update for cobbler
This update for cobbler fixes the following issues: - CVE-2021-45083: Fixed unsafe permissions on sensitive files bsc1193671. - CVE-2021-45082: Fixed incomplete template sanitation bsc1193678. The following non-security bugs were fixed: - Fix issues with installation module logging and validation...
Instant Photo Gallery 1.0 - 'portfolio.php?cat_id' SQL Injection
source: https://www.securityfocus.com/bid/15659/info Instant Photo Gallery is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a...
DSA-654-1 enscript - several
Bulletin has no description...
Cross-Site Scripting Issues in Falcon Web Server
From Developer: "Falcon Web Server is running under Windows NT/2000/XP as well as Windows 95/98. It supports ISAPI and WinCGI, and it is a fully functional web server which is capable of running a small / medium scale website of about 50-80 hits per minute. The real advantage of Falcon Web Server...