CVE-2024-3044

Unchecked script execution in Graphic on-click binding in affected LibreOffice versions allows an attacker to create a document which without prompt will execute scripts built-into LibreOffice on clicking a graphic. Such scripts were previously deemed trusted but are now deemed untrusted...

catalog.sru.edu XSS vulnerability

Vulnerable URL: http://catalog.sru.edu/portfolionopop.php/"--!" Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Coordinated Disclosure Timeline: Description| Value...

Web Reference Database XML Injection Vulnerability

Web Reference Database is a web-based multi-user interface product that provides search tools and automatic indexing for managing scientific literature. The Web Reference Database unapi.php script fails to adequately filter the 'id' parameter and the sru.php script fails to adequately filter the...

Oracle Solaris Third-Party Patch Update : proftpd (cve_2011_4130_use_after)

The remote Solaris system is missing necessary patches to address security updates : - Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer...

Oracle Solaris Third-Party Patch Update : telnet (cve_2011_4862_buffer_overflow)

The remote Solaris system is missing necessary patches to address security updates : - Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications aka krb5-appl 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other...

Oracle Solaris Third-Party Patch Update : libvorbis (cve_2012_0444_memory_corruption)

The remote Solaris system is missing necessary patches to address security updates : - Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers t...

Oracle Solaris Third-Party Patch Update : perl-58 (cve_2011_2728_denial_of)

The remote Solaris system is missing necessary patches to address security updates : - The bsdglob function in the File::Glob module for Perl before 5.14.2 allows context-dependent attackers to cause a denial of service crash via a glob expression with the GLOBALTDIRFUNC flag, which triggers an...

Oracle Solaris Third-Party Patch Update : samba (cve_2012_1182_arbitrary_code)

The remote Solaris system is missing necessary patches to address security updates : - The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation,...

Oracle Solaris Critical Patch Update : july2013_SRU11_1_7_5_0

This Solaris system is missing necessary patches to address a critical security update : - Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite subcomponent: Kernel/VM. The supported version that is affected is 11. Easily exploitable vulnerability requiring logon to...

CVE-2013-1914

Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library aka glibc or libc6 2.17 and earlier allows remote attackers to cause a denial of service crash via a 1 hostname or 2 IP address that triggers a large number of domain conversion results...