Lucene search

1095 matches found

NVD
added 2024/11/19 5:15 p.m. | 11 views

CVE-2024-51905

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ravi Kumar Vanukuru RSV PDF Preview rsv-pdf-preview allows Stored XSS. This issue affects RSV PDF Preview: from n/a through = 1.0...

CVSS 6.5 | EPSS 0.00197
Exploits: 0 | References: 1
CVE
added 2024/11/19 4:31 p.m. | 46 views

CVE-2024-51905

CVE-2024-51905 is a Stored XSS in the RSV PDF Preview WordPress plugin (versions 1.0 and earlier). Root cause: improper input neutralization during web page generation. Affected product: RSV PDF Preview (WordPress). Public sources indicate the issue affects RSV PDF Preview up to version 1.0 with ...

CVSS 6.5 | AI score 7.2 | EPSS 0.00197
Exploits: 0 | References: 1
Apple
added 2024/10/29 12:0 a.m. | 448 views

About the security content of Safari 18.1

About the security content of Safari 18.1 This document describes the security content of Safari 18.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

CVSS 8.8 | AI score 6.5 | EPSS 0.00664
Exploits: 0 | References: 1 | Affected Software: 1
Cvelist
added 2022/11/10 7:30 a.m. | 17 views

CVE-2022-43754 SUMA/UYUNI reflected cross site scripting in /rhn/audit/scap/Search.do

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in spacewalk/Uyuni of SUSE Linux Enterprise Module for SUSE Manager Server 4.2, SUSE Linux Enterprise Module for SUSE Manager Server 4.3, SUSE Manager Server 4.2 allows remote attackers to embed...

CVSS 2.6 | AI score 5.8 | EPSS 0.00246
Exploits: 0 | References: 1
Cvelist
added 2022/11/10 7:30 a.m. | 15 views

CVE-2022-43753 SUMA/UYUNI arbitrary file disclosure vulnerability in ScapResultDownload

An Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in spacewalk/Uyuni of SUSE Linux Enterprise Module for SUSE Manager Server 4.2, SUSE Linux Enterprise Module for SUSE Manager Server 4.3, SUSE Manager Server 4.2 allows remote attackers to read files...

CVSS 4.3 | AI score 5 | EPSS 0.00218
Exploits: 1 | References: 1
Cvelist
added 2022/11/10 7:30 a.m. | 16 views

CVE-2022-31255 SUMA/UYUNI directory path traversal vulnerability in CobblerSnipperViewAction

An Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in spacewalk/Uyuni of SUSE Linux Enterprise Module for SUSE Manager Server 4.2, SUSE Linux Enterprise Module for SUSE Manager Server 4.3, SUSE Manager Server 4.2 allows remote attackers to read files...

CVSS 4.3 | AI score 5 | EPSS 0.00248
Exploits: 0 | References: 1
Cvelist
added 2022/06/22 10:5 a.m. | 15 views

CVE-2022-31248 SUMA user enumeration via weak error message

An Observable Response Discrepancy vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to discover valid usernames. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46-1. SUSE Manager Server 4.2 spacewalk-java...

CVSS 5.3 | AI score 5.6 | EPSS 0.00188
Exploits: 1 | References: 1
Cvelist
added 2022/06/22 10:5 a.m. | 15 views

CVE-2022-21952 SUMA unauthenticated remote DoS via resource exhaustion

A Missing Authentication for Critical Function vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to easily exhaust available disk resources leading to DoS. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46...

CVSS 7.5 | AI score 7.8 | EPSS 0.00362
Exploits: 1 | References: 1
Apple
added 2020/11/13 12:59 p.m. | 55 views

About the security content of Safari 14.0.1 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...

CVSS 7.8 | AI score 1 | EPSS 0.0034
Exploits: 0 | Affected Software: 1
Apple
added 2020/11/12 12:0 a.m. | 237 views

About the security content of Safari 14.0.1

About the security content of Safari 14.0.1 This document describes the security content of Safari 14.0.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are...

CVSS 7.8 | AI score 8.2 | EPSS 0.0034
Exploits: 0 | References: 1 | Affected Software: 1
hackapp
added 2017/02/19 8:22 p.m. | 16 views

Suma SMS - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Suma SMS published at the 'play' market has multiple vulnerabilities...

AI score 0.8
Exploits: 0 | References: 1 | Affected Software: 1
exploitpack
added 2015/08/28 12:0 a.m. | 34 views

Wolf CMS - Arbitrary File Upload Execution

Wolf CMS - Arbitrary File Upload Execution Exploit Title: Wolf CMS 0.8.2 Arbitrary File Upload To Command Execution Reported Date: 05-May-2015 Fixed Date: 10-August-2015 Exploit Author: Narendra Bhati CVE ID: CVE-2015-6567, CVE-2015-6568 Contact: Facebook :...

CVSS 6.5 | AI score 8.9 | EPSS 0.11862
Exploits: 8
Packet Storm
added 2014/11/10 12:0 a.m. | 41 views

X3 CMS 0.5.1.1 Cross Site Request Forgery / Cross Site Scripting

Product: X3 CMS 0.5.1 & 0.5.1.1 Vendor: X3 CMS Vulnerable Versions: 0.5.1 and 0.5.1.1 Tested Version: 0.5.1.1 Vendor Notification: 2 Nov, 2014 Vendor Patch: 7 Nov, 2014 Advisory Publication: 8 Nov, 2014 Public Disclosure: 8 November, 2014 Vulnerability Type: CSRF + Reflected Cross Site Scriptin...

AI score 0.4
Exploits: 0
0day.today
added 2014/11/10 12:0 a.m. | 42 views

X3 CMS 0.5.1.1 Cross Site Request Forgery / Cross Site Scripting Vulnerabilities

X3 CMS versions 0.5.1 and 0.5.1.1 suffer from cross site request forgery and cross site scripting vulnerabilities. Product: X3 CMS 0.5.1 & 0.5.1.1 Vendor: X3 CMS Vulnerable Versions: 0.5.1 and 0.5.1.1 Tested Version: 0.5.1.1 Vendor Notification: 2 Nov, 2014 Vendor Patch: 7 Nov, 2014 Advisory...

AI score 6.9
Exploits: 0
Exploit DB
added 2014/11/05 12:0 a.m. | 55 views

MODx CMS 2.2.14 - Cross-Site Request Forgery Bypass / Reflected Cross-Site Scripting / Persistent Cross-Site Scripting

Advisory ID: 92152 Product: MODX Revolution Vendor: MODX Vulnerable Versions: 2.0.0–2.2.14 Tested Version: 2.2.14 Advisory Publication: 16 July, 2014 without technical details Vendor Notification: 16 July, 2014 Vendor Patch: 15 July, 2014 Public Disclosure: 2 November, 2014 Vulnerability Type:...

AI score 7.4
Exploits: 0
Tenable Nessus
added 2011/06/22 12:0 a.m. | 12 views

AIX 530011 : U840877

The remote host is missing AIX PTF U840877, which is related to the security of the package devices.scsi.disk.rte. You should install this PTF for your system to be up-to-date.

AI score 5.5
Exploits: 0
Tenable Nessus
added 2011/06/22 12:0 a.m. | 18 views

AIX 530011 : U840811

The remote host is missing AIX PTF U840811, which is related to the security of the package bos.rte.aio. You should install this PTF for your system to be up-to-date.

AI score 5.5
Exploits: 0
Tenable Nessus
added 2011/06/22 12:0 a.m. | 11 views

AIX 530011 : U840810

The remote host is missing AIX PTF U840810, which is related to the security of the package bos.adt.debug. You should install this PTF for your system to be up-to-date.

AI score 5.5
Exploits: 0
Tenable Nessus
added 2011/06/22 12:0 a.m. | 14 views

AIX 530011 : U840851

The remote host is missing AIX PTF U840851, which is related to the security of the package bos.rte.servaid. You should install this PTF for your system to be up-to-date.

AI score 5.5
Exploits: 0
Tenable Nessus
added 2011/06/22 12:0 a.m. | 14 views

AIX 530011 : U840397

The remote host is missing AIX PTF U840397, which is related to the security of the package bos.rte.security. You should install this PTF for your system to be up-to-date.

AI score 5.5
Exploits: 0