37 matches found
openSUSE 16 Security Update : openQA, os-autoinst, openQA-devel-container (openSUSE-SU-2026:20261-1)
The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20261-1 advisory. Changes in openQA: - Update to version 5.1771422749.560a3b26: fixmcp: set navbar check expression to read-only feat: support inverted result filters in...
CVE-2026-1324
A vulnerability was identified in Sangfor Operation and Maintenance Management System up to 3.0.12. Affected by this issue is the function SessionController of the file /isomp-protocol/protocol/session of the component SSH Protocol Handler. The manipulation of the argument keypassword leads to os...
CVE-2026-1324
Summary: CVE-2026-1324 affects Sangfor Operation and Maintenance Management System (
CVE-2025-15502
The CVE-2025-15502 entry affects Sangfor Operation and Maintenance Management System up to version 3.0.8. The vulnerability lies in the SessionController function at /isomp-protocol/protocol/session, where manipulating the Hostname argument enables OS command injection. It is exploitable remotely...
CVE-2025-15502 Sangfor Operation and Maintenance Management System session SessionController os command injection
A vulnerability was identified in Sangfor Operation and Maintenance Management System up to 3.0.8. The affected element is the function SessionController of the file /isomp-protocol/protocol/session. Such manipulation of the argument Hostname leads to os command injection. The attack can be...
PT-2026-1779
Name of the Vulnerable Software and Affected Versions Sangfor Operation and Maintenance Management System versions up to 3.0.8 Description A remote OS command injection issue exists in the SessionController function within the /isomp-protocol/protocol/session file of the software. Manipulation of...
EUVD-2017-8595
Malware in sbrugna...
EUVD-2021-1081
Malware in sbrugna...
PT-2024-22878 · Unknown · Silverpeas Core
Name of the Vulnerable Software and Affected Versions: Silverpeas Core version 6.3 Description: The issue is related to Cross Site Scripting XSS via the ClipboardSessionController. This means an attacker could potentially inject malicious scripts into the website, affecting users' sessions...
Oracle WebRTC Session Controller parseCert Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle WebRTC Session Controller. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parseCert function. The issue results from the lack of proper...
GHSA-GMCH-CM2P-9QW9 Cross-site Scripting in lightning-server
This affects all versions of package lightning-server. It is possible to inject malicious JavaScript code as part of a session controller...
Cross-site Scripting in lightning-server
This affects all versions of package lightning-server. It is possible to inject malicious JavaScript code as part of a session controller...
lightning-server cross-site scripting vulnerability
lightning-server is a personal developer Npm library for data visualization applications . The library provides API-based access to reproducible Web-based interactive visualizations. A security vulnerability exists in all versions of lightning-server, which can be exploited by an attacker to inje...
Cross-site Scripting (XSS)
lightning-server is vulnerable to cross-site scripting XSS. An attacker is able to inject and execute malicious script in a user's browser via an error message in the session controller's addData function...
CVE-2020-7747
This affects all versions of package lightning-server. It is possible to inject malicious JavaScript code as part of a session controller...
CVE-2020-7747
This affects all versions of package lightning-server. It is possible to inject malicious JavaScript code as part of a session controller...
Code injection
This affects all versions of package lightning-server. It is possible to inject malicious JavaScript code as part of a session controller...
CVE-2020-7747 Cross-site Scripting (XSS)
This affects all versions of package lightning-server. It is possible to inject malicious JavaScript code as part of a session controller...
Unspecified Vulnerability in Sangoma Technologies SBCs
The Sangoma Technologies SBC is a border session controller SBC from Sangoma Technologies, a Canadian company. A security vulnerability in Sangoma Technologies SBC version 2.3.23-119-GA can be exploited by an attacker to create privileged accounts on a system via the application's login screen...
OpenSSL CVE-2018-0732 Denial of Service Vulnerability
Description OpenSSL is prone to denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected OpenSSL Project OpenSSL 1.0.2 OpenSSL Project OpenSSL 1.0.2a OpenSSL Project OpenSSL 1.0.2b OpenSSL Project OpenSSL 1.0.2c OpenSSL...