9 matches found
EUVD-2001-1150
Malware in sbrugna...
EUVD-2024-54695
Malicious code in bioql PyPI...
Rejetto HTTP File Server (HFS) Unauthenticated Remote Code Execution Exploit
The Rejetto HTTP File Server HFS version 2.x is vulnerable to an unauthenticated server side template injection SSTI vulnerability. A remote unauthenticated attacker can execute code with the privileges of the user account running the HFS.exe server process. This exploit has been tested to work...
SUSE-RU-2023:3956-1 Recommended update for mariadb104
This update for mariadb104 fixes the following issues: - Implement version 10.4 of MariaDB jscPED-2455: It is possible to use more than one authentication plugin for each user account. The root user account is being created with the ability to use two authentication plugins. All user accounts,...
CVE-2016-1458
The CVE-2016-1458 issue affects Cisco Firepower Management Center (FMC) 4.x–5.x and Cisco ASA 5500-X Series with FirePOWER Services, where the web-based GUI allows remote authenticated users to elevate privileges by sending crafted HTTP requests (Bug CSCur25483). Affected FMC/ASA versions include...
CVE-2016-1458
The web-based GUI in Cisco Firepower Management Center 4.x and 5.x before 5.3.0.3, 5.3.1.x before 5.3.1.2, and 5.4.x before 5.4.0.1 and Cisco Adaptive Security Appliance ASA Software on 5500-X devices with FirePOWER Services 4.x and 5.x before 5.3.0.3, 5.3.1.x before 5.3.1.2, and 5.4.x before...
Microsoft SharePoint Server 2.0 - Picture Source HTML Injection
Microsoft SharePoint Server 2.0 - Picture Source HTML Injection source: https://www.securityfocus.com/bid/28706/info Microsoft SharePoint Server is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input data. Note that to perform attacks, an attacke...
CVE-2001-1169
keyinit in S/Key does not require authentication to initialize a one-time password sequence, which allows an attacker who has gained privileges to a user account to create new one-time passwords for use in other activities that may use S/Key authentication, such as sudo...
SalesLogix Eviewer Web App Bug: URL request crashes eviewer web application
Disclaimer: The opinions expressed in this advisory and program are my own and not of any company. The usual standard disclaimer applies, I am not liable for any damages caused by direct or indirect use of the information or functionality provided by this advisory. I bear NO responsibility for...