EUVD-2018-7482

Malware in sbrugna...

EUVD-2023-31836

Malicious code in bioql PyPI...

CVE-2022-44574

An improper authentication vulnerability exists in Avalanche version 6.3.x and below allows unauthenticated attacker to modify properties on specific port...

Atlassian JIRA SEoL (6.3.x)

According to its version, Atlassian JIRA is 6.3.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. %NASLMINLEVEL 80900 C...

CVE-2023-32562

An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to achieve a remove code execution. Fixed in version 6.4.1...

CVE-2023-38197

An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3. There are infinite loops in recursive entity expansion...

Authentication flaw

An improper authentication vulnerability exists in Avalanche version 6.3.x and below allows unauthenticated attacker to modify properties on specific port...

Information disclosure

An information disclosure vulnerability in Web Vulnerability Scan profile of Fortinet's FortiWeb version 6.2.x below 6.2.4 and version 6.3.x below 6.3.5 may allow a remote authenticated attacker to read the password used by the FortiWeb scanner to access the device defined in the scan profile...

EMC RSA Archer 6.1.x, 6.2.x, 6.3.x < 6.3.0.7 and 6.4.x < 6.4.0.1 SQL Injection Vulnerability

The version of EMC RSA Archer running on the remote web server is 6.1.x, 6.2.x, 6.3.x prior to 6.3.0.7 or 6.4.x prior to 6.4.0.1. It is, therefore, affected by SQL Injection Vulnerability. See advisory for details. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid11221...

TIBCO JasperReports XSS Vulnerability (Nov 2017)

TIBCO JasperReports contain a vulnerability which may allow a subset of authorized users to perform persistent cross-site scripting XSS attacks. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective righ...

CVE-2017-4929

VMware NSX Edge 6.2.x before 6.2.9 and 6.3.x before 6.3.5 contains a moderate Cross-Site Scripting XSS issue which may lead to information disclosure...

CVE-2016-4856

Cross-site scripting vulnerability in Splunk Enterprise 6.3.x prior to 6.3.5 and Splunk Light 6.3.x prior to 6.3.5 allows attacker with administrator rights to inject arbitrary web script or HTML via unspecified vectors...

Design/Logic Flaw

Splunk Web in Splunk Enterprise versions 6.5.x before 6.5.2, 6.4.x before 6.4.5, 6.3.x before 6.3.9, 6.2.x before 6.2.13, 6.1.x before 6.1.12, 6.0.x before 6.0.13, 5.0.x before 5.0.17 and Splunk Light versions before 6.5.2 allows remote authenticated users to cause a denial of service daemon cras...

Splunk Enterprise Python Vulnerabilities (SP-CAAAPSR)

Splunk Enterprise is prone to multiple vulnerabilities in Python. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:splunk:splunk";...

Input validation

IBM Tivoli Storage Manager for Space Management aka Spectrum Protect for Space Management 6.3.x before 6.3.2.6, 6.4.x before 6.4.3.3, and 7.1.x before 7.1.6, when certain dsmsetpw tracing is configured, allows local users to discover an encrypted password by reading application-trace output...

Juniper ScreenOS 6.2.0r15 < 6.2.0r19 / 6.3.0r12 < 6.3.0r21 Multiple Vulnerabilities (JSA10713)

The remote host is running a version of Juniper ScreenOS that is 6.2.x prior to 6.2.0r19 or 6.3.x prior to 6.3.0r21. It is, therefore, affected by multiple vulnerabilities : - A backdoor exists that allows a remote attacker administrative access to the device over SSH or telnet. CVE-2015-7755 - A...

Skybox Security 6.3.x - 6.4.x - Multiple Information Disclosure

No description provided by source...

Skybox Security 6.3.x &lt; 6.4.x - Multiple Denial of Service Vulnerabilities

Exploit Title: SKYBOX Security - DDOS Date: 22-Jan-2014 Exploit Author: Luigi Vezzoso Vendor Homepage: http://www.skyboxsecurity.com Version: Skybox View Appliances with ISO versions: 6.3.33-2.14, 6.3.31-2.14, 6.4.42-2.54, 6.4.45-2.56, 6.4.46-2.57 Tested on: Centos 6.4 kernel 2.6.32 CVE :...

Null pointer dereference

IBM solidDB 4.5.x before 4.5.182, 6.0.x before 6.0.1069, 6.1.x and 6.3.x before 6.3 FP8 aka 6.3.49, and 6.5.x before 6.5 FP4 aka 6.5.0.4 does not properly handle the 1 rpctestsvcreadwrite and 2 rpctestsvcdone commands, which allows remote attackers to cause a denial of service NULL pointer...