15 matches found
EUVD-2005-0208
Malware in sbrugna...
SUSE CVE-2006-6053
The ext3fs_dirhash function in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via an ext3 stream with malformed data structures...
SUSE CVE-2018-14367
In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the CoAP protocol dissector could crash. This was addressed in epan/dissectors/packet-coap.c by properly checking for a NULL condition...
GHSA-8C56-V25W-F89C Puppet arbitrary file overwrite
Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to overwrite arbitrary files via a symlink attack on the .k5login file...
Moodle allows attackers to modify the visibility of a badge
badges/mybadges.php in Moodle 2.5.x before 2.5.5 and 2.6.x before 2.6.2 does not properly track the user to whom a badge was issued, which allows remote authenticated users to modify the visibility of an arbitrary badge via unspecified vectors...
XML Signature/Encryption Not Validated in Apache CXF
Apache CXF 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1, when a Supporting Token specifies a child WS-SecurityPolicy 1.1 or 1.2 policy, does not properly ensure that an XML element is signed or encrypted, which has unspecified impact and attack vectors...
LimeSurvey 2.6.x < 2.6.7, 2.7x.x < 2.73.1, 3.x.x < 3.4.2 File Disclosure Vulnerability
LimeSurvey mishandles application/controller/InstallerController.php after installation, which allows remote attackers to access the configuration file.
Centreon 2.6.x < 2.6.2 File Upload RCE
According to its version number, the Centreon application hosted on the remote web server is 2.6.x prior to 2.6.2. It is, therefore, affected by a remote code execution vulnerability due to improper sanitization of user-uploaded files via the main.php script. An authenticated, remote attacker can...
Information disclosure
Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 build 430 provides different error messages for failed login attempts in unspecified circumstances, which allows remote attackers to obtain sensitive information via a series of requests...
Atlassian Crowd XXE Vulnerability (CWD-3366) - Active Check
Atlassian Crowd is prone to an XML external entity (XXE) vulnerability.
CVE-2011-3871
Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x, when running in --edit mode, uses a predictable file name, which allows local users to run arbitrary Puppet code or trick a user into editing arbitrary files...
WordPress Multiple Vulnerabilities
WordPress is prone to multiple vulnerabilities.
Debian Security Advisory DSA 427-1 (kernel-patch-2.4.17-mips)
The remote host is missing an update to kernel-patch-2.4.17-mips announced via advisory DSA 427-1.
Debian Security Advisory DSA 427-1 (kernel-patch-2.4.17-mips)
The remote host is missing an update to kernel-patch-2.4.17-mips announced via advisory DSA 427-1. OpenVAS Vulnerability Test $Id: deb4271.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 427-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
DSA-427 linux-kernel-2.4.17-mips+mipsel - missing boundary check
Bulletin has no description...