20 matches found
EUVD-2022-31959
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-27377
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MariaDB Server v10.6.3 and below was discovered to contain a use-after-free in the component Item_func_in::cleanup, which is exploited via specially crafted SQL...
BIT-MARIADB-MIN-2021-46658
save_window_function_values in MariaDB before 10.6.3 allows an application crash because of incorrect handling of with_window_func=true for a subquery...
WordPress Booking Calendar Plugin < 10.6.3 is vulnerable to Cross Site Scripting (XSS)
Software: Booking Calendar; Type: Plugin; Vulnerable versions: 10.6.3; Fixed in: 10.6.3; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-10027; Patch priority: Low; CVSS severity: Low (5.9); PSID: 999b4bfc809b; Credits: Dmitrii Ignatyev...
Tenable Nessus Arbitrary File Write Vulnerability (TNS-2023-40)
Tenable Nessus is prone to an arbitrary file write vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:tenable:nessus"...
Tenable Nessus < 10.6.3 (TNS-2023-40)
According to its self-reported version, the Tenable Nessus application running on the remote host is prior to 10.6.3. It is, therefore, affected by a vulnerability as referenced in the TNS-2023-40 advisory. - An arbitrary file write vulnerability exists where an authenticated, remote attacker wit...
[R1] Nessus Version 10.6.3 Fixes One Vulnerability
[R1] Nessus Version 10.6.3 Fixes One Vulnerability. Arnie Cabral, Thu, 11/16/2023 - 10:23. An arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges on the Nessus application could alter Nessus Rules variables to overwrite arbitrary files on the...
CVE-2023-27765
An issue found in Wondershare Technology Co.,Ltd Recoverit v.10.6.3 allows a remote attacker to execute arbitrary commands via the recoverit_setup_full4134.exe file...
Wondershare Code Issue Vulnerability
Wondershare is a data transfer tool. A security vulnerability exists in Wondershare version v.10.6.3. An attacker exploiting this vulnerability can remotely execute commands via recoverit_setup_full4134.exe...
Important: mariadb105
Issue Overview: Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise...
MariaDB Resource Management Error Vulnerability
MariaDB is a free and open source database management system from the MariaDB Foundation and a branch version of MySQL that uses the Maria storage engine. A memory misquote vulnerability exists in MariaDB v10.6.3 and lower, which originates in the /strings/ctype-simple.c component my...
MariaDB Resource Management Error Vulnerability
MariaDB is a free and open source database management system from the MariaDB Foundation and a forked version of MySQL with the Maria storage engine. A memory misreference vulnerability exists in MariaDB v10.6.3 and lower, no details of the vulnerability are provided at this time...
ALPINE-CVE-2022-27377
MariaDB Server v10.6.3 and below was discovered to contain a use-after-free in the component Item_func_in::cleanup, which is exploited via specially crafted SQL statements...
MariaDB DoS Vulnerability (MDEV-25630) - Windows
MariaDB is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mariadb:mariadb"; if...
PT-2022-5556 · Mariadb +9 · Mariadb Server +9
Name of the Vulnerable Software and Affected Versions: MariaDB Server versions prior to 10.6.3. Description: The issue is related to the use of memory after it has been freed in the Binary_string::free_buffer function of the MariaDB component /sql/sql_string.h. This can be exploited by a remote...
Cross site scripting
GitLab Community and Enterprise Editions version 9.2 up to 10.4 are vulnerable to XSS because a lack of input validation in the milestones component leads to cross site scripting (specifically, data-milestone-id in the milestone dropdown feature). This is fixed in 10.6.3, 10.5.7, and 10.4.7...
Symantec Messaging Gateway Multiple Vulnerabilities (Aug 2017)
Symantec Messaging Gateway is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2017-6328
The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of cross site request forgery also known as one-click attack and is abbreviated as CSRF or XSRF, which is a type of malicious exploit of a website where unauthorized commands are transmitted from a user that the web applicati...
Apple iTunes 10.6.1.7 M3U Playlist File Walking Heap Buffer Overflow
Exploit for multiple platform in category dos / poc !/usr/bin/perl Apple iTunes 10.6.1.7 M3U Playlist File Walking Heap Buffer Overflow Vendor: Apple Inc. Product web page: http://www.apple.com Affected version: 10.6.1.7 and 10.6.0.40 Summary: iTunes is a free application for your Mac or PC. It...
Apple iTunes '.m3u' Playlist Code Execution Vulnerability - Mac OS X
Apple iTunes is prone to code execution vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:itunes";...