15 matches found
CVE-2020-37175 P2PWIFICAM2 for iOS 10.4.1 - 'Camera ID' Denial of Service
P2PWIFICAM2 for iOS 10.4.1 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the Camera ID input field. Attackers can paste a 257-character buffer into the Camera ID field to trigger an application crash on iOS devices...
FRRouting Security Vulnerability
FRRouting is an open source network routing software suite that runs on Unix-like platforms. FRRouting has a denial of service vulnerability caused by a NULL pointer dereference via the showvtyextprefprefsid function in ospfext.c, which can be exploited by an attacker to cause a denial o...
CVE-2020-11063
In TYPO3 CMS versions 10.4.0 and 10.4.1, it has been discovered that time-based attacks can be used with the password reset functionality for backend users. This allows an attacker to mount user enumeration based on email addresses assigned to backend user accounts. This has been fixed in 10.4.2...
CVE-2020-8427
In Unitrends Backup before 10.4.1, an HTTP request parameter was not properly sanitized, allowing for SQL injection that resulted in an authentication bypass...
CVE-2023-28952 IBM Cognos Controller log injection
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 is vulnerable to injection attacks in application logging by not sanitizing user provided data. IBM X-Force ID: 251463...
IBM Cognos Controller Security Vulnerability
IBM Cognos Controller is a suite of business intelligence and planning solutions from International Business Machines (IBM). The product features process automation, financial audit control, and creating and managing financial reports. A security vulnerability exists in IBM Cognos Controller versio...
PT-2024-12907 · Ibm · Ibm Cognos Controller
Name of the Vulnerable Software and Affected Versions: IBM Cognos Controller versions 10.4.1 through 11.0.0 Description: The issue allows an authenticated user to impersonate another user on the system because the session is not invalidated after logout. Recommendations: For versions 10.4.1 throu...
BIT-TYPO3-2020-11063
In TYPO3 CMS versions 10.4.0 and 10.4.1, it has been discovered that time-based attacks can be used with the password reset functionality for backend users. This allows an attacker to mount user enumeration based on email addresses assigned to backend user accounts. This has been fixed in 10.4.2...
CVE-2023-46651
Jenkins Warnings Plugin 10.5.0 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Item/Configure permission to access and capture credentials they are not entitled to. This fix has been backported to 10.4.1...
[R1] Nessus Version 10.4.1 Fixes Multiple Vulnerabilities
[R1] Nessus Version 10.4.1 Fixes Multiple Vulnerabilities. Arnie Cabral, Wed, 11/02/2022 - 17:01. Nessus leverages third-party software to help provide underlying functionality. Several of the third-party components (OpenSSL, expat) were found to contain vulnerabilities, and updated versions have been...
CVE-2020-11063
In TYPO3 CMS versions 10.4.0 and 10.4.1, it has been discovered that time-based attacks can be used with the password reset functionality for backend users. This allows an attacker to mount user enumeration based on email addresses assigned to backend user accounts. This has been fixed in 10.4.2...
TYPO3 Link Handling Component Cross-Site Scripting Vulnerability
TYPO3 is a free and open source content management system framework (CMS/CMF) of the Swiss TYPO3 Association. A cross-site scripting vulnerability exists in the Link Handling component of TYPO3 versions 9.5.12 through 9.5.16 and 10.2.0 through 10.4.1. The vulnerability stems from a lack of proper...
Security Bulletin: IBM Cognos Controller 2020Q1 Security Updater: Multiple Security Vulnerabilities have been identified in IBM Cognos Controller
Summary: This bulletin addresses several security vulnerabilities that are fixed in IBM Cognos Controller 10.4.1 IF4, 10.4.0 IF7, 10.3.1 IF13 and 10.3.0 FP1 IF14. There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 7 and the IBM® Runtime Environment Jav...
Node.js Denial-of-Service Vulnerability - 01 - Mac OS X
Node.js is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:nodejs:node.js";...
ArcGis Server < 10.4.1 RCE Vulnerability
ArcGIS Server is prone to a remote code execution (RCE) vulnerability. Copyright (C) 2017 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free...