6 matches found
Infinite loop
Overview Microsoft.AspNetCore.App.Runtime.win-x86 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Infinite loop in the FormDataReader.ProcessFormKeys...
Linux Distros Unpatched Vulnerability : CVE-2023-34244
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a free asset and IT management software package. Starting in version 9.4.0 and prior to version 10.0.8, a malicious link can be crafted by an...
UBUNTU-CVE-2023-34244
GLPI is a free asset and IT management software package. Starting in version 9.4.0 and prior to version 10.0.8, a malicious link can be crafted by an unauthenticated user that can exploit a reflected XSS in case any authenticated user opens the crafted link. Users should upgrade to version 10.0.8...
PT-2023-24768 · Glpi +2 · Glpi +2
Name of the Vulnerable Software and Affected Versions: GLPI versions 9.4.0 through 10.0.7 Description: GLPI is a free asset and IT management software package. A malicious link can be crafted by an unauthenticated user that can exploit a reflected XSS in case any authenticated user opens the...
PT-2023-4273 · Glpi +2 · Glpi +2
Name of the Vulnerable Software and Affected Versions: GLPI versions 0.80 through 10.0.7 Description: The issue is related to a lack of protection against SQL injection attacks in the GLPI system, which manages IT assets and inventory. This can be exploited by a remote attacker to execute arbitra...
PT-2023-3798 · Glpi +2 · Glpi +2
Name of the Vulnerable Software and Affected Versions: GLPI versions 9.5.0 through 10.0.7 Description: The issue is related to inadequate access control in the GLPI system, which can be exploited by a remote attacker to modify or view dashboard data. This is due to an incorrect rights check on a...