2292 matches found
CVE-2019-5504
ONTAP Select Deploy administration utility versions 2.12 & 2.12.1 ship with an HTTP service bound to the network allowing unauthenticated remote attackers to perform administrative actions...
CVE-2019-5504
The CVE-2019-5504 entry concerns ONTAP Select Deploy administration utility versions 2.12 and 2.12.1. The vulnerability arises because an HTTP service is bound to the network, allowing unauthenticated remote attackers to perform administrative actions. Documents confirm the affected product (ONTA...
PT-2019-5545 · Sqlite +9 · Sqlite +9
Name of the Vulnerable Software and Affected Versions: SQLite versions 3.30.1 and earlier Description: The issue is related to errors in handling numbers, which can be exploited by a remote attacker to cause a denial of service. It is also reported that certain SELECT statements with a nonexisten...
Humanica Humatrix 7 Recruitment Module Information Disclosure Vulnerability
Humanica Humatrix 7 is a human resource management solution. recruitment is one of the recruitment modules. A security vulnerability exists in the Recruitment module in Humanica Humatrix 7 versions 1.0.0.681 and 1.0.0.203. A remote attacker can exploit the vulnerability by modifying the 'selApp'...
CVE-2018-20962
The Backpack\CRUD Backpack component before 3.4.9 for Laravel allows XSS via the select field type...
Design/Logic Flaw
The Backpack\CRUD Backpack component before 3.4.9 for Laravel allows XSS via the select field type...
CVE-2018-20962
The Backpack\CRUD Backpack component before 3.4.9 for Laravel allows XSS via the select field type...
opensc: Buffer overflows handling responses from TCOS Cards in card-tcos.c:tcos_select_file()
Several buffer overflows when handling responses from a TCOS Card in tcosselectfile in libopensc/card-tcos.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified other impact...
DEBIAN-CVE-2016-10764
In the Linux kernel before 4.9.6, there is an off by one in the drivers/mtd/spi-nor/cadence-quadspi.c cqspisetupflash function. There are CQSPIMAXCHIPSELECT elements in the -fpdata array so the "" should be "=" instead...
UBUNTU-CVE-2016-10764
In the Linux kernel before 4.9.6, there is an off by one in the drivers/mtd/spi-nor/cadence-quadspi.c cqspisetupflash function. There are CQSPIMAXCHIPSELECT elements in the -fpdata array so the "" should be "=" instead...
CVE-2018-19462
admin\db\DoSql.php in EmpireCMS through 7.5 allows remote attackers to execute arbitrary PHP code via SQL injection that uses a .php filename in a SELECT INTO OUTFILE statement to admin/admin.php...
HPE Intelligent Management Center (IMC) userSelectPagingContent Expression Language Injection Remote Code Execution Vulnerability
HPE Intelligent Management Center IMC is a comprehensive management platform built from the ground up to support the Failure, Configuration, Accounting, Performance and Security FCAPS model. A userSelectPagingContent expression language injection remote code execution vulnerability exists in HPE...
HPE Intelligent Management Center (IMC) customTemplateSelect Expression Language Injection Remote Code Execution Vulnerability
HPE Intelligent Management Center IMC is a comprehensive management platform built from the ground up to support the Failure, Configuration, Accounting, Performance and Security FCAPS model. A customTemplateSelect expression language injection remote code execution vulnerability exists in HPE...
HPE Intelligent Management Center (IMC) deploySelectBootrom Expression Language Injection Remote Code Execution Vulnerability
HPE Intelligent Management Center IMC is a comprehensive management platform built from the ground up to support the Failure, Configuration, Accounting, Performance and Security FCAPS model. A deploySelectBootrom expression language injection remote code execution vulnerability exists in HPE...
HPE Intelligent Management Center (IMC) select expression language injection remote code execution vulnerability
HPE Intelligent Management Center IMC is a comprehensive management platform built from the ground up to support the Failure, Configuration, Accounting, Performance and Security FCAPS model. A select expression language injection remote code execution vulnerability exists in HPE Intelligent...
HPE Intelligent Management Center (IMC) SyslogTempletSelectWin Expression Language Injection Remote Code Execution Vulnerability
HPE Intelligent Management Center IMC is a comprehensive management platform built from the ground up to support the Failure, Configuration, Accounting, Performance and Security FCAPS model. A SyslogTempletSelectWin expression language injection remote code execution vulnerability exists in HPE...
HPE Intelligent Management Center (IMC) deploySelectSoftware Expression Language Injection Remote Code Execution Vulnerability
HPE Intelligent Management Center IMC is a comprehensive management platform built from the ground up to support the Failure, Configuration, Accounting, Performance and Security FCAPS model. A deploySelectSoftware expression language injection remote code execution vulnerability exists in HPE...
HPE Intelligent Management Center (IMC) perfSelectTask Expression Language Injection Remote Code Execution Vulnerability
HPE Intelligent Management Center IMC is a comprehensive management platform built from the ground up to support the Failure, Configuration, Accounting, Performance and Security FCAPS model. A perfSelectTask expression language injection remote code execution vulnerability exists in HPE Intellige...
HPE Intelligent Management Center (IMC) quickTemplateSelect Expression Language Injection Remote Code Execution Vulnerability
HPE Intelligent Management Center IMC is a comprehensive management platform built from the ground up to support the Failure, Configuration, Accounting, Performance and Security FCAPS model. A quickTemplateSelect expression language injection remote code execution vulnerability exists in HPE...
Sql injection
A SQL injection vulnerability exists in all Orpak SiteOmat versions prior to 2017-09-25. The vulnerability is in the login page, where the authentication validation process contains an insecure SELECT query. The attack allows for authentication bypass...