32 matches found
CVE-2019-18355
An SSRF issue was discovered in the legacy Web launcher in Thycotic Secret Server before 10.7...
EUVD-2018-2723
Malware in sbrugna...
EUVD-2019-8141
Malware in sbrugna...
EUVD-2018-2720
Malware in sbrugna...
EUVD-2019-8142
Malware in sbrugna...
EUVD-2018-2724
Malware in sbrugna...
EUVD-2023-59686
Malicious code in bioql PyPI...
EUVD-2022-31888
Malicious code in bioql PyPI...
WordPress plugin Salon booking system SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection vulnerability...
Apple Mac OS X SEoL (10.7.x)
According to its version, Apple Mac OS X is 10.7.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities...
BIT-MARIADB-2022-32081
MariaDB v10.4 to v10.7 was discovered to contain a use-after-poison in prepare_inplace_add_virtual at /storage/innobase/handler/handler0alter.cc...
mariadb: server crash in st_select_lex_unit::exclude_level
MariaDB v10.5 to v10.7 was discovered to contain a segmentation fault via the component st_select_lex_unit::exclude_level...
CVE-2022-48612
A Universal Cross Site Scripting (UXSS) vulnerability in ClassLink OneClick Extension through 10.7 allows remote attackers to inject JavaScript into any webpage, because a regular expression validating whether a URL is controlled by ClassLink is not present in all applicable places...
PT-2023-15879 · Classlink · Classlink Oneclick Extension
Name of the Vulnerable Software and Affected Versions: ClassLink OneClick Extension versions through 10.7. Description: A Universal Cross Site Scripting (UXSS) issue allows remote attackers to inject JavaScript into any webpage. This is because a regular expression, which validates whether a URL is...
mariadb: assertion failure at table->get_ref_count() == 0 in dict0dict.cc
MariaDB v10.5 to v10.7 was discovered to contain an assertion failure at table->get_ref_count() == 0 in dict0dict.cc...
SUSE CVE-2022-27386
MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component sql/sql_class.cc...
CVE-2022-32084
MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component subselect...
CVE-2022-32089
Disclaimer: This data contains information about vulnerable...
Design/Logic Flaw
MariaDB Server before 10.7 is vulnerable to Denial of Service. While executing the plugin/server_audit/server_audit.c method log_statement_ex, the held lock lock_bigbuffer is not released correctly, which allows local users to trigger a denial of service due to the deadlock...
PT-2022-3328 · Mariadb +9 · Mariadb +10
Name of the Vulnerable Software and Affected Versions: MariaDB versions 10.2 through 10.7 Description: The issue is related to a buffer overflow in the Item func in::cleanup/Item::cleanup processor function of the MariaDB database management system. This could allow a remote attacker to impact th...