Lucene search
K

33 matches found

RedHat Linux
RedHat Linux
added 2021/09/07 6:9 p.m.72 views

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.8CVSS6.6AI score0.03365EPSS
Exploits1References3
Prion
Prion
added 2021/01/07 2:15 p.m.22 views

Design/Logic Flaw

If a user downloaded a file lacking an extension on Windows, and then "Open"-ed it from the downloads panel, if there was an executable file in the downloads directory with the same name but with an executable extension such as .bat or .exe that executable would have been launched instead. Note:...

6.8CVSS8AI score0.01289EPSS
Exploits0References4Affected Software3
ThreatPost
ThreatPost
added 2020/10/20 1:0 p.m.22 views

Confronting Data Risk in the New World of Work

As IT and security professionals, COVID-19 pushed most of us into a “just make it work” mode for much of 2020. We quickly scaled up the use of collaboration platforms like Zoom, Microsoft Teams, Google Meet and Slack, recognizing that circumstances demanded some short-term risk tolerance. It’s...

6.9AI score
Exploits0References9
OSV
OSV
added 2019/02/18 11:40 p.m.22 views

GHSA-QMV4-JGP7-MF68 Sails before 0.12.7 vulnerable to Broken CORS

Affected versions of sails have an issue with the CORS configuration where the value of the origin header is reflected as the value for the Access-Control-Allow-Origin header. This may allow an attacker to make AJAX requests to vulnerable hosts through cross-site scripting or a malicious HTML...

4.4CVSS4.3AI score0.00646EPSS
Exploits0References7
Citrix
Citrix
added 2018/08/17 12:0 a.m.6 views

Applayering 4.11- unable to add pvs connector

while adding a pvs connector, we get an error as Failed to validate the Domain User and Password. Check credentials .One or more of the PVS server configuration fields is invalid. Please check your selections...

7.1AI score
Exploits0
Citrix
Citrix
added 2018/03/10 12:0 a.m.7 views

SecureMail: Unable to send emails "You cannot send the mail"

Only one user couldn't send mails, it failed with error message "You cannot send the mail" unable to send mails or reply to mails with or without attachment. The user is able to receive emails successfully...

7.1AI score
Exploits0
Node.js
Node.js
added 2016/10/05 8:26 p.m.42 views

Broken CORS

Overview Affected versions of sails have an issue with the CORS configuration where the value of the origin header is reflected as the value for the Access-Control-Allow-Origin header. This may allow an attacker to make AJAX requests to vulnerable hosts through cross-site scripting or a malicious...

2.1CVSS3.9AI score0.00646EPSS
Exploits0Affected Software1
ThreatPost
ThreatPost
added 2011/11/17 4:51 p.m.8 views

Facebook User Error Behind Porn, Mutilation Spam

A campaign of explicit spam on Facebook this week has been linked to a relatively obscure exploit method known as self-inflicted JavaScript injection and not malicious code running on Facebook’s massive network, an independent analysis has shown. The campaign, in which violent and pornographic...

0.2AI score
Exploits0References4
securityvulns
securityvulns
added 2007/03/31 12:0 a.m.43 views

MOPB-37-2007:PHP iptcembed() Interruption Information Leak Vulnerability

Summary Whenever functions accept references which all do in the default configuration it is possible for a malicious user space error handler that interrupts the function to modify the function parameters after the function has already started executing. This might for example trick the function...

0.7AI score
Exploits0
NVD
NVD
added 2006/05/30 10:2 a.m.10 views

CVE-2006-2643

Cross-site scripting XSS vulnerability in index.php in Monster Top List MTL 1.4 allows remote attackers to inject arbitrary web script or HTML via the usererrormessage parameter...

4.3CVSS5.7AI score0.01167EPSS
Exploits0References3
securityvulns
securityvulns
added 2006/05/27 12:0 a.m.38 views

XSS in Monster Top List | MTL 1.4

XSS in Monster Top List | MTL 1.4 --------------------------------- Software : Monster Top List --------------------------------- version : Monster Top List 1.4 --------------------------------- Exploit : www.site.com/index.phpusererrormessage=XSS-CODE --------------------------------- Discovery ...

2.7AI score
Exploits0
exploitpack
exploitpack
added 2002/08/08 12:0 a.m.10 views

Qualcomm Eudora 56 - File Attachment Spoofing (1)

Qualcomm Eudora 56 - File Attachment Spoofing 1 source: https://www.securityfocus.com/bid/5432/info Eudora is reported to be prone to an issue which may allow attackers to spoof the file extension in an attachment. This may aid an attacker in enticing a user of the e-mail client into executing...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/05/13 12:0 a.m.45 views

Profile overwrite/delete due to registry size limit.

All, We have discovered a bug with NT v4.0-SP6a registry size growth and overwriting of user profiles. This bug was exposed when the SMS v2.0-SP2 client runs into a condition where it continually creates new registry keys and values filling the system registry with thousands of crap entries - thu...

6.6AI score
Exploits0
Rows per page
Query Builder