10 matches found
dotnet: Denial of Service in X509Certificate2
A denial of service vulnerability exists in .NET applications with OpenSSL support when parsing X509 certificates. The issue arises from inadequate validation of user-supplied input in .NET. This flaw allows a remote attacker to trigger a denial of service (DoS) attack by providing specially crafte...
CVE-2023-28985
An Improper Validation of Syntactic Correctness of Input vulnerability in Intrusion Detection and Prevention (IDP) of Juniper Networks SRX Series and MX Series allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). Continued receipt of this specific packet will cause a...
Security Bulletin: IBM CICS TX Standard is vulnerable to HTTP Header injection (CVE-2022-34306)
Summary: IBM CICS TX Standard could allow a remote attacker to invoke cross-site scripting, cache poisoning or session hijacking attacks on a vulnerable system. The fix removes this vulnerability (CVE-2022-34306) from IBM CICS TX Standard. Vulnerability Details: CVEID: CVE-2022-34306 DESCRIPTION: IBM...
Complete Online Job Search System SQL Injection Vulnerability (CNVD-2022-48792)
Complete Online Job Search System is an online job search system. Complete Online Job Search System is vulnerable to SQL injection, which originates from the eris/admin/vacancy/index.php?view=edit&id= page missing validation of externally supplied SQL statements. An attacker could use this vulnerability ...
Badminton Center Management System SQL Injection Vulnerability (CNVD-2022-44736)
Badminton Center Management System is a badminton center management system by individual developer Carlo Montero. It provides an online and automated platform for badminton centers to manage their daily transactions and records. Badminton Center Management System version v1.0 is vulnerable to SQ...
Delta Electronics DIAEnergie SQL Injection Vulnerability (CNVD-2022-27436)
Delta Electronics DIAEnergie is an industrial energy management system used to monitor and analyze energy consumption in real time, calculate energy consumption and load characteristics, optimize equipment performance, improve production processes, and maximize energy efficiency. Delta Electronics...
Design/Logic Flaw
A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior, which could result in arbitrary read or write conditions when malicious CGF (Configuration Group File) file i...
Security Bulletin: Apache Commons Codec Vulnerability Affects IBM Control Center
Summary: Apache Commons Codec could allow a remote attacker to obtain sensitive information, caused by the improper validation of input. Vulnerability Details: Third Party Entry: 177835 DESCRIPTION: Apache Commons Codec information disclosure CVSS Base score: 7.5 CVSS Temporal Score: See:...
Cisco Web Security Appliance Command Injection and Privilege Escalation Vulnerability
A vulnerability in the web interface of the Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform command injection and elevate privileges to root. The attacker must authenticate with valid administrator credentials. The vulnerability is due to insufficient...
Active Perl Locale::Maketext Module Multiple Code Injection Vulnerabilities (Windows)
The host is installed with Active Perl and is prone to multiple code injection vulnerabilities. OpenVAS Vulnerability Test $Id: gbactiveperlmaketextmultcodeinjevulnwin.nasl 6074 2017-05-05 09:03:14Z teissa $ Active Perl Locale::Maketext Module Multiple Code Injection Vulnerabilities Windows...