Linux Distros Unpatched Vulnerability : CVE-2012-4451

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple cross-site scripting XSS vulnerabilities in Zend Framework 2.0.x before 2.0.1 allow remote attackers to inject arbitrary web script or HTML via...

DeepSeek R1 安全漏洞

DeepSeek R1 is a large language modeling and AI technology platform from China-based DeepSeek. A security vulnerability exists in DeepSeek R1 V3.1 and earlier versions, which stems from the unspecified input field is vulnerable to cross-site scripting attacks and could lead to the execution of...

SUSE CVE-2015-8051

The Adobe Premiere Clip app before 1.2.1 for iOS mishandles unspecified input, which has unknown impact and attack vectors...

CVE-2022-46369

Rumpus - FTP server version 9.0.7.1 Persistent cross-site scripting PXSS – vulnerability may allow inserting scripts into unspecified input fields...

VulnCheck KEV: CVE-2020-9934

Apple iOS, iPadOS, and macOS contain an unspecified vulnerability involving input validation which can allow a local attacker to view sensitive user information...

GHSA-4793-W44W-M7XM Plone Zope cross-site scripting (XSS) vulnerability

Multiple cross-site scripting XSS vulnerabilities in Zope, as used in Plone 3.3.x through 3.3.6, 4.0.x through 4.0.9, 4.1.x through 4.1.6, 4.2.x through 4.2.7, and 4.3 through 4.3.2, allow remote attackers to inject arbitrary web script or HTML via unspecified input in the 1 browseridmanager or 2...

Plone Zope cross-site scripting (XSS) vulnerability

Multiple cross-site scripting XSS vulnerabilities in Zope, as used in Plone 3.3.x through 3.3.6, 4.0.x through 4.0.9, 4.1.x through 4.1.6, 4.2.x through 4.2.7, and 4.3 through 4.3.2, allow remote attackers to inject arbitrary web script or HTML via unspecified input in the 1 browseridmanager or 2...

CVE-2012-4451

Multiple cross-site scripting XSS vulnerabilities in Zend Framework 2.0.x before 2.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified input to 1 Debug, 2 Feed\PubSubHubbub, 3 Log\Formatter\Xml, 4 Tag\Cloud\Decorator, 5 Uri, 6 View\Helper\HeadStyle, 7...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Zope, as used in Plone 3.3.x through 3.3.6, 4.0.x through 4.0.9, 4.1.x through 4.1.6, 4.2.x through 4.2.7, and 4.3 through 4.3.2, allow remote attackers to inject arbitrary web script or HTML via unspecified input in the 1 browseridmanager or 2...

Privilege Escalation

MySQL Server is vulnerable to privilege escalation. The vulnerability exists as an unspecified vulnerability in Oracle MySQL . This allows a remote authenticated user to manipulate with an unknown input. affected component is 'Privileges'...

Memory corruption

The tzdriver module in Huawei Mate 7 Mate7-TL10 smartphones before V100R001CHNC00B126SP03 allows local users to gain privileges or cause a denial of service memory corruption via an unspecified input...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities on the Accellion File Transfer Appliance FTA before FTA91240 allow remote attackers to inject arbitrary web script or HTML via unspecified input to 1 getimageajax.php, 2 movepartitionframe.html, or 3 wmInfo.html...

CVE-2015-8051

The Adobe Premiere Clip app before 1.2.1 for iOS mishandles unspecified input, which has unknown impact and attack vectors...

CVE-2015-8051

The Adobe Premiere Clip app before 1.2.1 for iOS mishandles unspecified input, which has unknown impact and attack vectors...

Puppet Dashboard Multiple XSS Vulnerabilities

According to its self-reported version number, the Puppet Dashboard install on the remote host is later than version 1.0 but prior to 1.2.5. It is, therefore, affected by multiple cross-site scripting vulnerabilities. Multiple cross-site scripting flaws exist where unspecified input is not...

CVE-2009-2742

Cross-site scripting XSS vulnerability in Eclipse Help in IBM WebSphere Application Server WAS 6.1 before 6.1.0.27 allows remote attackers to inject arbitrary web script or HTML via unspecified input...

Design/Logic Flaw

Multiple insecure method vulnerabilities in the Symantec.EasySetup.1 ActiveX control in EasySetupInt.dll 14.0.4.30167 in the EasySetup wizard in Symantec Norton Ghost 14.0 allow remote attackers to cause a denial of service browser crash and possibly execute arbitrary code via unspecified input t...

Cacti 0.8.7 - tree.php Multiple SQL Injections

Cacti 0.8.7 - tree.php Multiple SQL Injections source: https://www.securityfocus.com/bid/27749/info Cacti is prone to multiple unspecified input-validation vulnerabilities, including: - Multiple cross-site scripting vulnerabilities - Multiple SQL-injection vulnerabilities - An HTTP...

[SA12843] WowBB Forum Unspecified SQL Injection and Cross-Site Scripting

TITLE: WowBB Forum Unspecified SQL Injection and Cross-Site Scripting SECUNIA ADVISORY ID: SA12843 VERIFY ADVISORY: http://secunia.com/advisories/12843/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting, Manipulation of data WHERE: From remote SOFTWARE: WowBB Forum 1.x...