EUVD-2018-2736

Malware in sbrugna...

EUVD-2010-4567

Malware in sbrugna...

Debian: Security Advisory (DLA-787-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ROS-2-1193

2.1193 VLC vulnerabilities with specially designed playlists 1. Vulnerability description: A remote user can create a specially crafted file that can cause various issues. It is possible to trigger remote code execution through a specially created playlist and trick the user into interacting with...

CVE-2020-1946 Apache SpamAssassin has an OS Command Injection vulnerability

In Apache SpamAssassin before 3.4.5, malicious rule configuration .cf files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In addition to upgrading to SA version 3.4.5, users should only use update channels or 3...

CVE-2020-1930

A command execution issue was found in Apache SpamAssassin prior to 3.4.3. Carefully crafted nefarious rule configuration .cf files can be configured to run system commands similar to CVE-2018-11805. With this bug unpatched, exploits can be injected in a number of scenarios including the same...

Command injection

A command execution issue was found in Apache SpamAssassin prior to 3.4.3. Carefully crafted nefarious Configuration .cf files can be configured to run system commands similar to CVE-2018-11805. This issue is less stealthy and attempts to exploit the issue will throw warnings. Thanks to Damian...

CVE-2020-1931

A command execution issue was found in Apache SpamAssassin prior to 3.4.3. Carefully crafted nefarious Configuration .cf files can be configured to run system commands similar to CVE-2018-11805. This issue is less stealthy and attempts to exploit the issue will throw warnings. Thanks to Damian...

Debian DLA-787-1 : otrs2 security update

A cross-site sripting vulnerability XSS was discovered in OTRS, a ticket requesting system for the web. An attacker could trick an authenticated user into opening a malicious attachment which could lead to the execution of JavaScript in OTRS context. This update addresses the vulnerability by...

CVE-2010-4601

Multiple unspecified vulnerabilities in IBM Rational ClearQuest 7.0.x before 7.0.1.11, 7.1.1.x before 7.1.1.4, and 7.1.2.x before 7.1.2.1 allow attackers to have an unknown impact via vectors related to third-party .ocx files...

Code injection

Multiple unspecified vulnerabilities in IBM Rational ClearQuest 7.0.x before 7.0.1.11, 7.1.1.x before 7.1.1.4, and 7.1.2.x before 7.1.2.1 allow attackers to have an unknown impact via vectors related to third-party .ocx files...

CVE-2010-4601

Multiple unspecified vulnerabilities in IBM Rational ClearQuest 7.0.x before 7.0.1.11, 7.1.1.x before 7.1.1.4, and 7.1.2.x before 7.1.2.1 allow attackers to have an unknown impact via vectors related to third-party .ocx files...

CVE-2006-2331

Multiple directory traversal vulnerabilities in PHP-Fusion 6.00.306 allow remote attackers to include and execute arbitrary local files via 1 a .. dot dot in the settingslocale parameter in infusions/lastseenuserspanel/lastseenuserspanel.php, and 2 a .. dot dot in the localeset parameter in...

Microsoft Security Bulletin MS03-015: Cumulative Patch for Internet Explorer (813489)

-----BEGIN PGP SIGNED MESSAGE----- - ------------------------------------------------------------------- Title: Cumulative Patch for Internet Explorer 813489 Date: 23 April 2003 Software: Microsoft c Internet Explorer Impact: Run code of the attacker's choice on a user's machine. Max Risk: Critic...