13 matches found
MiracleLinux 7 : kernel-3.10.0-1160.119.1.0.8.el7.AXS7 (AXSA:2025-9625:10)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9625:10 advisory. media: edia: dvbdev: fix a use-after-free CVE-2024-27043 btrfs: dev-replace: properly validate device names CVE-2024-26791 KVM: nSVM: Ignore nCR34:0...
Cross-site Scripting (XSS)
TYPO3 is vulnerable to Cross-site Scripting XSS. The vulnerability is due to failing to properly encode user input in the login status display in the website frontend, requiring a valid user account either backend or frontend to exploit...
GHSA-8C25-VJ2W-P72J TYPO3 Cross-Site Scripting in Frontend User Login
Failing to properly encode user input, login status display is vulnerable to cross-site scripting in the website frontend. A valid user account is needed in order to exploit this vulnerability - either a backend user or a frontend user having the possibility to modify their user profile. Template...
SUSE CVE-2022-1520
When viewing an email message A, which contains an attached message B, where B is encrypted or digitally signed or both, Thunderbird may show an incorrect encryption or signature status. After opening and viewing the attached message B, when returning to the display of message A, the message A...
Hash Compare - File Integrity Comparison Tool
Hash Compare is the FREE File Hash comparison tool. It performs Hash based Integrity Comparison using any of the the popular hash algorthms such as MD5 , SHA1 or SHA256. To make the task easier and quicker, it also supports the 'File Drag & Drop' feature. That means you can just drag & drop one o...
Design/Logic Flaw
cmus-status-display in cmus 2.2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/cmus-status temporary file...
CVE-2008-5375
cmus-status-display in cmus 2.2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/cmus-status temporary file...
DEBIAN-CVE-2008-5375
cmus-status-display in cmus 2.2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/cmus-status temporary file...
CVE-2008-5375
cmus-status-display in cmus 2.2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/cmus-status temporary file...
CVE-2008-5375
cmus-status-display in cmus 2.2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/cmus-status temporary file...
ICECast XSS
The remote server runs a version of ICECast which is as old as or older than version 1.3.12. This version is affected by a cross-site scripting vulnerability in the status display functionality. This issue is due to a failure of the application to properly sanitize user-supplied input. As a resul...
Icecast list.cgi User-Agent XSS
The remote server runs a version of Icecast that is as old or older than version 1.3.12. This version is affected by a cross-site scripting vulnerability in the status display functionality. This issue is due to a failure of the application to properly sanitize user-supplied input. As a result of...
DSR-wmapm.sh
/bin/sh Pretty useless, we can mess up /etc/dumpdates or run shutdown on FreeBSD systems with wmapm from ports. If wmapm is installed from source we get root instead, so I suppose this might be worth somethinguid 0 on linux. kokanin@dtors pkginfo | grep -i wmapm wmapm-3.1 Laptop battery status...