GHSA-GFGR-6HRJ-85WW Juju affected by timing ownership claim attack on new external back-end secrets

A race condition in the secrets management subsystem of Juju versions 3.0.0 through 3.6.18 allows an authenticated unit agent to claim ownership of a newly initialized secret. Between generating a Juju Secret ID and creating the secret's first revision, an attacker authenticated as another unit...

PT-2025-4657 · WordPress · Wphocus My Auctions Allegro

Name of the Vulnerable Software and Affected Versions: WPHocus My auctions allegro versions 3.6.18 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows Reflected XSS. This means an attacker can inject malicious scripts into the...

WordPress My auctions allegro Plugin <= 3.6.18 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin My auctions allegro versions = 3.6.18...

CVE-2018-5359

The server in Flexense SysGauge 3.6.18 operating on port 9221 can be exploited remotely with the attacker gaining system-level access because of a Buffer Overflow...

Flexense SysGauge Buffer Overflow Vulnerability

Flexense SysGauge is a suite of free system performance monitoring applications from Flexense USA. A buffer overflow vulnerability exists in the server in Flexense SysGauge version 3.6.18. When running on port 9221, a remote attacker can exploit this vulnerability to gain system-level access...

Flexense SysGauge Server Denial of Service Vulnerability

Flexense SysGauge Server is a free system performance monitoring application from Flexense, Inc. Control Protocol is one of the control protocols. A denial of service vulnerability exists in Control Protocol in Flexense SysGauge Server version 3.6.18. The vulnerability can be exploited to cause a...

Mozilla Firefox 3.6.x < 3.6.18 Multiple Vulnerabilities

Binary data 801252.prm...