8 matches found
CVE-2025-11022
Cross-Site Request Forgery CSRF vulnerability in Personal Project Panilux allows Cross Site Request Forgery. This CSRF vulnerability resulting in Command Injection has been identified. This issue affects Panilux: before v.0.10.0. NOTE: The vendor was contacted and responded that they deny ownersh...
CVE-2023-31439
An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security...
DEBIAN-CVE-2023-31438
An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."...
Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called from hash_questions and fuzz_util.c). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities to the best of our knowledge.
...
PT-2018-13283 · Technicolor · Tc8305C Firmware
Technicolor formerly RCA TC8305C devices allow remote attackers to cause a denial of service networking outage via a flood of random MAC addresses, as demonstrated by macof. NOTE: this might overlap CVE-2018-15852 and CVE-2018-16310. NOTE: Technicolor denies that the described behavior is a...
UBUNTU-CVE-2017-11191
DISPUTED FreeIPA 4.x with API version 2.213 allows a remote authenticated users to bypass intended account-locking restrictions via an unlock action with an old session ID for the same user account that had been created for an earlier session. NOTE: Vendor states that issue does not exist in...
[IVIZ-08-003] TrueCrypt Security Model bypass exploiting wrong BIOS API usage
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ----------------------------------------------------------------------- iViZ Security Advisory 08-003 25/08/2008 - ----------------------------------------------------------------------- iViZ Techno Solutions Pvt. Ltd. http://www.ivizsecurity.com -...
PT-2004-1295 · Vbulletin · Vbulletin
Name of the Vulnerable Software and Affected Versions: vBulletin affected versions not specified Description: A cross-site scripting XSS issue in register.php allows remote attackers to inject arbitrary HTML or web script via the reg site or possibly regsite parameter. The vendor has disputed thi...