48 matches found
PT-2021-14226 · Cybozu · Cybozu Garoon
Name of the Vulnerable Software and Affected Versions: Cybozu Garoon versions 4.0.0 through 5.5.0 Description: A cross-site scripting issue in some functions of the E-Mail or Group Mail component allows a remote attacker to inject an arbitrary script via unspecified vectors. Recommendations: For...
PT-2021-5288 · Apple · Ipados +4
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 11.3 iOS versions prior to 14.5 iPadOS versions prior to 14.5 watchOS versions prior to 7.4 tvOS versions prior to 14.5 Description: A parsing issue in the handling of directory paths was addressed with improved path...
PT-2020-6188 · Mariadb +8 · Mariadb +9
Name of the Vulnerable Software and Affected Versions: mariadb versions prior to 10.1.47 mariadb versions prior to 10.2.34 mariadb versions prior to 10.3.25 mariadb versions prior to 10.4.15 mariadb versions prior to 10.5.6 Description: The issue is related to errors in input data processing duri...
PT-2014-18: Weak encryption of account data in Wonderware Information Server
The specialists of the Positive Research center have detected a Weak encryption of account data vulnerability in Wonderware Information Server. Encryption of WIS is insufficient. This vulnerability could allow elevation of privileges if an attacker decrypts the credentials. The system would need ...
TYPO3 SQL Injection vunerabilitie
Hello Bugtraq : Two week ago I found a SQL Inejetion vulnerabilitie in Typo3 in the links-section/module/whatever you call it. I didn't really try to develope an exploit because I thought typo3 would directly react. But unfortunately that didn't happen :/ So here is the url that "exploits" the...
[SA12692] MediaWiki "raw" Page Output Mode Cross-Site Scripting Vulnerability
TITLE: MediaWiki "raw" Page Output Mode Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA12692 VERIFY ADVISORY: http://secunia.com/advisories/12692/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: MediaWiki 1.x http://secunia.com/product/2546/ DESCRIPTIO...
Debian DSA-162-1 : ethereal - buffer overflow
Ethereal developers discovered a buffer overflow in the ISIS protocol dissector. It may be possible to make Ethereal crash or hang by injecting a purposefully malformed packet onto the wire, or by convincing someone to read a malformed packet trace file. It may be possible to make Ethereal run...
DSA-340 x-face-el - insecure temporary file
Bulletin has no description...