CVE-2023-28829

A vulnerability has been identified in SIMATIC NET PC Software V14 All versions, SIMATIC NET PC Software V15 All versions, SIMATIC PCS 7 V8.2 All versions, SIMATIC PCS 7 V9.0 All versions, SIMATIC PCS 7 V9.1 All versions, SIMATIC WinCC All versions V8.0, SINAUT Software ST7sc All versions. Before...

CVE-2010-4533

CVE-2010-4533 affects offlineimap prior to version 6.3.4, where SSL certificate validation was added but SSLv2 is still enabled. This keeps SSLv2’s known weaknesses and yields high CVSS metrics (Confidentiality/Integrity/Availability partial in CVSS2; Critical in CVSS3.1). The connected documents...

Improper access control

A deficiency in the access control in module express-cart =1.1.5 allows unprivileged users to add new users to the application as administrators...

WebSummit: Reflective XSS

It appears the fix for https://hackerone.com/reports/166699 did not stick. URL https://websummit.net/attendees/featured-attendees?q=rubyoob%27%3E%3Ciframe/onload=alertdocument.domain%3E%3C/iframe%3E URL Parameters q=rubyoob%27%3E%3Ciframe/onload=alertdocument.domain%3E%3C/iframe%3E Request Header...