8004 matches found
Joomla JE Form Creator Component SQL Injection Vulnerability
Joomla is an open source content management system CMS. A SQL injection vulnerability exists in the Joomla JE Form Creator component, which can be exploited by attackers to access or modify database data...
Joomla JE auction component SQL injection vulnerability
Joomla is an open source content management system CMS. A SQL injection vulnerability exists in the Joomla JE auction component. An attacker can exploit the vulnerability to access or modify database data...
CVE-2016-8355
An issue was discovered in Smiths-Medical CADD-Solis Medication Safety Software, Version 1.0; 2.0; 3.0; and 3.1. CADD-Solis Medication Safety Software grants an authenticated user elevated privileges on the SQL database, which would allow an authenticated user to modify drug libraries, add and...
CVE-2016-8341
An issue was discovered in Ecava IntegraXor Version 5.0.413.0. The Ecava IntegraXor web server has parameters that are vulnerable to SQL injection. If the queries are not sanitized, the host's database could be subject to read, write, and delete commands...
Malware Information Sharing Platform: MISP
Malware Information Sharing Platform MISP, Malware Information Sharing Platform and Threat Sharing, is an open source software solution for collecting, storing, distributing and sharing cyber security indicators and threat about cyber security incidents analysis and malware analysis. MISP is...
Multi-meter (DuomiCms) film and television management system climit and ckey parameters exist SQL injection vulnerability
Duomi DuomiCms film and television management system is a set of specialized video on demand system. A SQL injection vulnerability exists in DuomiCms. The lack of filtering of the 'climit' and 'ckey' parameters allows an attacker to exploit the vulnerability to obtain sensitive database informati...
McAfee ePolicy Orchestrator SQL Injection Vulnerability (CNVD-2017-01459)
McAfee ePolicy Orchestrator ePO is a suite of scalable security management software from Intel Corporation formerly McAfee, Inc.. The software enables centralized, streamlined management of endpoint, network, content security and compliance solutions. An SQL injection vulnerability exists in McAf...
The vulnerability of the MySQL database management system allows a hacker to cause a service failure.
The vulnerability of the InnoDB component of the MySQL database management system is related to the creation of critical data packets. Exploiting this vulnerability can allow a malicious actor to cause a system to become unresponsive or, in rare cases, to trigger an emergency shutdown through...
[SECURITY] Fedora 25 Update: mingw-libgsf-1.14.41-1.fc25
MinGW Windows port of the library for reading and writing structured files...
MC Documentation Creator SQL Injection Vulnerability
MC Documentation Creator is a PHP document creation script . A SQL injection vulnerability exists in MC Documentation Creator. Due to poor parameter filtering in this PHP script, an attacker can exploit the vulnerability to obtain sensitive data...
Advantech WebAccess 'updateTemplate.aspx' SQL Injection Vulnerability
Advantech WebAccess is a set of HMI/SCADA software from Advantech based on browser architecture. The software supports dynamic graphic display and real-time data control, and provides remote control and management of automation equipment. A SQL injection vulnerability exists in Advantech WebAcces...
Platform Independent Meta Information Editor: ExifTool
Platform Independent Meta Information Editor ExifTool is a platform-independent Perl library plus a command-line application for reading, writing and editing meta information in a wide variety of files. ExifTool supports many different metadata formats including EXIF, GPS, IPTC, XMP, JFIF, GeoTIF...
MGASA-2016-0427 Updated libgsf packages fix security vulnerability
An error within the "tardirectoryforfile" function gsf-infile-tar.c in GNOME Structured File Library before 1.14.41 can be exploited to trigger a Null pointer dereference and subsequently cause a crash via a crafted TAR file CVE-2016-9888...
Updated libgsf packages fix security vulnerability
An error within the "tardirectoryforfile" function gsf-infile-tar.c in GNOME Structured File Library before 1.14.41 can be exploited to trigger a Null pointer dereference and subsequently cause a crash via a crafted TAR file CVE-2016-9888...
Smart Guard Network Manager SQL Injection Vulnerability
Smart Guard Network Manager is a software that manages your network, bandwidth and network security. An SQL injection vulnerability exists in the ?menuid parameter of the searchallhistory.php page in Smart Guard Network Manager version 6.3.2, which originates from the program failing to adequatel...
Microsoft .NET Framework Information Disclosure Vulnerability (CNVD-2016-12419)
Microsoft .NET Framework is a comprehensive and consistent programming model developed by Microsoft Corporation USA and a development platform for building Windows, Windows Store, Windows Phone, Windows Server and Microsoft Azure Windows Store, Windows Phone, Windows Server, and Microsoft Azure...
[SECURITY] Fedora 25 Update: libgsf-1.14.33-4.fc25
A library for reading and writing structured files e.g. MS OLE and Zip...
ALPINE-CVE-2016-9888
An error within the "tardirectoryforfile" function gsf-infile-tar.c in GNOME Structured File Library before 1.14.41 can be exploited to trigger a Null pointer dereference and subsequently cause a crash via a crafted TAR file...
CVE-2016-9888
An error within the "tardirectoryforfile" function gsf-infile-tar.c in GNOME Structured File Library before 1.14.41 can be exploited to trigger a Null pointer dereference and subsequently cause a crash via a crafted TAR file...
CVE-2016-9888
An error within the "tardirectoryforfile" function gsf-infile-tar.c in GNOME Structured File Library before 1.14.41 can be exploited to trigger a Null pointer dereference and subsequently cause a crash via a crafted TAR file...