EUVD-2024-41609

Malicious code in bioql PyPI...

CVE-2025-5952

A vulnerability, which was classified as critical, has been found in Zend.To up to 6.10-6 Beta. This issue affects the function exec of the file NSSDropoff.php. The manipulation of the argument file1 leads to os command injection. The attack may be initiated remotely. The exploit has been disclos...

CVE-2018-20663

The Reporting Addon aka Reports Addon through 2019-01-02 for CUBA Platform through 6.10.x has Persistent XSS via the "Reports Reports" name field...

Amazon Linux 2023 : squid (ALAS2023-2025-857)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-857 advisory. Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource...

Squid 3.x < 6.10 / 7.0.0 DoS (SQUID-2024:04)

Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime bugs, Squid is vulnerable to Denial of Service attacks by a trusted...

CVE-2024-45802 Squid Denial of Service

Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime bugs, Squid is vulnerable to Denial of Service attacks by a trusted...

CVE-2024-45802 Squid Denial of Service

Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime bugs, Squid is vulnerable to Denial of Service attacks by a trusted...

SUSE SLES15 / openSUSE 15 Security Update : squid (SUSE-SU-2024:2268-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:2268-1 advisory. - Update to version 6.10 - CVE-2024-37894: Fixed a denial of Service issue in ESI processing bsc1227086 Tenable has extracted...

WordPress Spam protection, AntiSpam, FireWall by CleanTalk Plugin <= 6.10 is vulnerable to Broken Access Control

Software Spam protection, AntiSpam, FireWall by CleanTalk Type Plugin Vulnerable versions = 6.10 Fixed in 6.11 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-33996 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID b4ca9dd06551...

Aruba Networks ClearPass 安全漏洞

Aruba Networks ClearPass is an access management system from Aruba Networks, Inc. that integrates network control, application and device management capabilities. A security vulnerability exists in Aruba Networks ClearPass. An attacker could exploit the vulnerability to elevate user privileges to...

CVE-2022-37453

An issue was discovered in Softing OPC UA C++ SDK before 6.10. A buffer overflow or an excess allocation happens due to unchecked array and matrix bounds in structure data types...

CVE-2022-23694

Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. An attacker could exploit these vulnerabilities to obtain and modify sensitive information...

CVE-2022-37878

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to comple...

CVE-2022-37882

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to comple...

PT-2022-24124 · Aruba · Aruba Clearpass Policy Manager

Name of the Vulnerable Software and Affected Versions: Aruba ClearPass Policy Manager versions 6.10.x through 6.10.6 Aruba ClearPass Policy Manager versions 6.9.x through 6.9.11 Description: Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated...

Aruba ClearPass Policy Manager Command Injection Vulnerability (CNVD-2022-10721)

Aruba ClearPass Policy Manager is an application of Aruba, Inc. that provides wireless network security access management system Aruba ClearPass Policy Manager has a security vulnerability that stems from a remote arbitrary command execution vulnerability in Aruba ClearPass Policy Manager version...

Command injection

A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager versions: ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for...

CUBA Platform Reporting Addon Cross-Site Scripting Vulnerability

CUBA Platform is an open source Java Web framework for enterprise applications . Reporting Addon aka Reports Addon is one of the reporting addon . A cross-site scripting vulnerability exists in Reporting Addon in CUBA Platform 6.10.x and earlier versions 2019-01-02 and earlier. A remote attacker...

Sysax Multi Server SSH Component NULL Pointer Dereference DOS Vulnerability

The host is running Sysax Multi Server and is prone to denial of service vulnerability. OpenVAS Vulnerability Test $Id: gbsysaxmultiserversshdosvuln.nasl 6074 2017-05-05 09:03:14Z teissa $ Sysax Multi Server SSH Component NULL Pointer Dereference DOS Vulnerability Authors: Antu Sanadi Copyright:...