26 matches found
UBUNTU-CVE-2026-32953
Tillitis TKey Client package is a Go package for a TKey client. Versions 1.2.0 and below contain a critical bug in the tkeyclient Go module which causes 1 out of every 256 User Supplied Secrets (USS) to be silently ignored, producing the same Compound Device Identifier (CDI)—and thus the same key...
EUVD-2011-0399
Malware in sbrugna...
EUVD-2013-0002
Malware in sbrugna...
EUVD-2023-33328
Malicious code in bioql PyPI...
ClamAV Security Vulnerability
ClamAV (Clam AntiVirus) is a free and open source antivirus program from the ClamAV team. The software is used to detect Trojans, viruses, malware and other malicious threats. A security vulnerability exists in ClamAV that stems from allowing the ClamD process to write to its log files under...
Synology Router Manager (SRM) 1.2.x, 1.3.x Uncontrolled Search Path Element Privilege Escalation Vulnerability (Synology-SA-23:06)
Synology Router Manager (SRM) is prone to an uncontrolled search path element privilege escalation vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders...
Synology Router Manager (SRM) 1.2.x DoS Vulnerability (Synology-SA-20:11) - Remote Known Vulnerable Versions Check
Synology Router Manager (SRM) is prone to a denial of service (DoS) vulnerability...
SUSE CVE-2004-0797
The error handling in the (1) inflate and (2) inflateBack functions in ZLib compression library 1.2.x allows local users to cause a denial of service (application crash)...
SUSE CVE-2010-0745
Unspecified vulnerability in Dovecot 1.2.x before 1.2.11 allows remote attackers to cause a denial of service (CPU consumption) via long headers in an e-mail message...
SUSE CVE-2014-3756
The client in Mumble 1.2.x before 1.2.6 allows remote attackers to force the loading of an external file and cause a denial of service (hang and resource consumption) via a crafted string that is treated as rich-text by a Qt widget, as demonstrated by the (1) user or (2) channel name in a Qt dialog, (3)...
PT-2021-11829 · Cacti +4
Name of the Vulnerable Software and Affected Versions: Cacti versions 1.2.x through 1.2.16. Description: A SQL injection issue in data_debug.php allows remote authenticated attackers to execute arbitrary SQL commands via the site_id parameter, potentially leading to remote code execution...
Cross site scripting
MantisBT 1.2.x before 1.2.2 insecurely handles attachments and MIME types. Arbitrary inline attachment rendering could lead to cross-domain scripting or other browser attacks...
DEBIAN-CVE-2019-13045
Irssi before 1.0.8, 1.1.x before 1.1.3, and 1.2.x before 1.2.1, when SASL is enabled, has a use after free when sending SASL login to the server...
Apache Syncope Information Disclosure Vulnerability
Apache Syncope is an open source digital identity management system from the Apache Software Foundation (United States) for use in enterprise environments. The system supports identity management, role configuration and more. A security vulnerability exists in Apache Syncope versions 1.2.x...
Asterisk 'asterisk-addons' 1.2.7/1.4.3 CDR_ADDON_MYSQL Module SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26095/info Asterisk 'asterisk-addons' package is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...
PT-2013-5900
Name of the Vulnerable Software and Affected Versions: Spring Signage Xibo versions 1.2.x through 1.2.2; Spring Signage Xibo versions 1.4.x through 1.4.1. Description: The issue allows remote attackers to read arbitrary files. This is achieved by using a .. (dot dot) in the p parameter to the "index.ph...
MantisBT 1.2.x < 1.2.14 adm_config_report.php Multiple Parameter XSS
According to its version number, the MantisBT install hosted on the remote web server is affected by multiple cross-site scripting vulnerabilities: - A flaw exists on the Configuration Report page in the 'adm_config_report.php' script. (CVE-2013-1932) - A flaw exists because the application fails...
Directory traversal
Directory traversal vulnerability in edituser.php in ImpressCMS 1.2.x before 1.2.7 Final and 1.3.x before 1.3.1 Final allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the icmsConfigPlugins[sanitizer_plugins] parameter...
Mahara Multiple Vulnerabilities (Apr 2011)
Mahara is prone to multiple cross-site scripting (XSS) and cross-site request forgery (CSRF) vulnerabilities...
django -- cross-site scripting vulnerability
The remote host is missing an update to the system as announced in the referenced advisory. VID 3ff95dd3-c291-11df-b0dc-00215c6a37bb OpenVAS Vulnerability Test $ Description: Auto generated from VID 3ff95dd3-c291-11df-b0dc-00215c6a37bb Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...