EUVD-2014-6007

Malware in sbrugna...

EUVD-2014-6021

Malware in sbrugna...

CVE-2023-6334

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HYPR Workforce Access on Windows allows Overflow Buffers.This issue affects Workforce Access: before 8.7...

CVE-2023-46376

Zentao Biz version 8.7 and before is vulnerable to Information Disclosure...

CVE-2024-23333

LDAP Account Manager LAM is a webfrontend for managing entries stored in an LDAP directory. LAM's log configuration allows to specify arbitrary paths for log files. Prior to version 8.7, an attacker could exploit this by creating a PHP file and cause LAM to log some PHP code to this file. When th...

Security Bulletin: IBM Maximo Application Suite - IoT Component uses bcprov-jdk15on-1.70.jar which is vulnerable to CVE-2024-30172

Summary IBM Maximo Application Suite - IoT Component uses bcprov-jdk15on-1.70.jar which is vulnerable to CVE-2024-30172. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-30172 DESCRIPTION: The Bouncy Castle Crypto Package For Jav...

CVE-2024-23333

LDAP Account Manager LAM is a webfrontend for managing entries stored in an LDAP directory. LAM's log configuration allows to specify arbitrary paths for log files. Prior to version 8.7, an attacker could exploit this by creating a PHP file and cause LAM to log some PHP code to this file. When th...

UBUNTU-CVE-2024-23333

LDAP Account Manager LAM is a webfrontend for managing entries stored in an LDAP directory. LAM's log configuration allows to specify arbitrary paths for log files. Prior to version 8.7, an attacker could exploit this by creating a PHP file and cause LAM to log some PHP code to this file. When th...

CVE-2023-5097

Improper Input Validation vulnerability in HYPR Workforce Access on Windows allows Path Traversal.This issue affects Workforce Access: before 8.7...

CVE-2023-46376

Zentao Biz version 8.7 and before is vulnerable to Information Disclosure...

Information disclosure

Zentao Biz version 8.7 and before is vulnerable to Information Disclosure...

CVE-2023-46376

Zentao Biz version 8.7 and before is vulnerable to Information Disclosure...

SAMSUNG Mobile devices security vulnerability

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, and more, from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices version 8.7, which stems from an improper privilege retention vulnerability in Samsung...

Drupal Cache Poisoning Vulnerability (SA-CORE-2023-006) - Windows

Drupal is prone to a cache poisoning vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:drupal:drupal"; ifdescription...

CVE-2023-22637

An improper neutralization of input during web page generation 'Cross-site Scripting' vulnerability CWE-79 in FortiNAC-F version 7.2.0, FortiNAC version 9.4.2 and below, 9.2 all versions, 9.1 all versions, 8.8 all versions, 8.7 all versions in License Management would permit an authenticated...

TYPO3 is vulnerable to Cross-Site Scripting via frontend rendering

CVSS: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:F/RL:O/RC:C 8.2 Problem TYPO3 core component GeneralUtility::getIndpEnv uses the unfiltered server environment variable PATHINFO, which allows attackers to inject malicious content. In combination with the TypoScript setting...

Security Bulletin: Cross-Site Scripting vulnerability in IBM InfoSphere Information Server (CVE-2013-0502)

Abstract Security Bulletin: Cross-Site Scripting vulnerability in IBM InfoSphere Information Server CVE-2013-0502 Content SUMMARY: A Cross-Site Scripting vulnerability exists in the Web Console of IBM InfoSphere Information Server that may lead to unauthorized access when a user is tricked into...

Security Bulletin: Multiple security vulnerabilities exist in IBM InfoSphere Information Server (CVE-2013-0585, CVE-2013-3034, CVE-2013-3040 and CVE-2013-0599)

Abstract Security Bulletin: Multiple security vulnerabilities exist in IBM InfoSphere Information Server CVE-2013-0585, CVE-2013-3034, CVE-2013-3040 and CVE-2013-0599 Content SUMMARY: Security vulnerabilities exist in various versions of IBM Information Server or constituent products. Note: The...

GitLab 8.7.x - 8.15.7, 8.16.x - 8.16.7, 8.17.x - 8.17.3 Information Disclosure Vulnerability

GitLab is prone to an exposure of sensitive information to an unauthorized actor vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

OpenSSH through 8.7 allows remote attackers who have a suspicion that a certain combination of username and public key is known to an SSH server to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product

...