55 matches found
SUSE SLES12 Security Update : memcached (SUSE-SU-2026:2292-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2292-1 advisory. This update for memcached fixes the following issues - CVE-2026-47783: timing side-channel in SASL password database authentication username...
CVE-2024-33288
Prison Management System Using PHP v1.0 was discovered to contain a SQL injection vulnerability via the username on the Admin login page...
CVE-2024-33288
Prison Management System Using PHP v1.0 was discovered to contain a SQL injection vulnerability via the username on the Admin login page...
CVE-2024-33288
Prison Management System Using PHP v1.0 was discovered to contain a SQL injection vulnerability via the username on the Admin login page...
OpenSSH: OpenSSH: Arbitrary command execution via shell metacharacters in username
A flaw was found in OpenSSH. This vulnerability allows a remote attacker to achieve arbitrary command execution by injecting shell metacharacters into a username provided on the command line. Exploitation requires an untrusted username and a non-default configuration of the '%' character in...
Important: Red Hat Security Advisory: openssh security update
An update for openssh is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
CVE-2018-25301 Easy MPEG to DVD Burner 1.7.11 SEH Local Buffer Overflow
Easy MPEG to DVD Burner 1.7.11 contains a structured exception handling SEH local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious username string. Attackers can craft a payload containing junk data, SEH chain pointers, and shellcode tha...
CVE-1999-0224
Denial of service in Windows NT messenger service through a long username...
CVE-2019-16374
Pega Platform 8.2.1 allows LDAP injection because a username can contain a character and can be of unlimited length. An attacker can specify four characters of a username, followed by the character, to bypass access control...
ROS-20251203-09
A vulnerability in the ProxyCommand component of the OpenSSH cryptographic protection tool is related to the injection of a null byte %00 in the username string. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...
Revive Adserver Username In-Blank Neutralization and Improper Vulnerability
Revive Adserver is an open source ad serving system that allows advertisers, publishers, and networks to place ads on multiple platforms e.g., websites, apps, video players and supports ad effectiveness tracking, campaign management, and placement rule definition. Revive Adserver suffers from a...
EUVD-2002-2075
Malware in sbrugna...
EUVD-2014-5408
Malware in sbrugna...
EUVD-2018-8411
Malware in sbrugna...
EUVD-2000-0479
Malware in sbrugna...
EUVD-2004-2714
Malware in sbrugna...
EUVD-2019-16057
Malware in sbrugna...
EUVD-2024-52685
Malicious code in bioql PyPI...
EUVD-2023-2397
Malicious code in bioql PyPI...
CVE-2012-10047
CVE-2012-10047 concerns Cyclope Employee Surveillance Solution, version 6.x. A SQL injection flaw in the login flow (auth-login) arises because the username parameter is not properly sanitized, enabling an attacker to inject arbitrary SQL. According to connected documents, this can be leveraged t...