GFI Kerio Control 安全漏洞

GFI Kerio Control is a Unified Threat Management UTM solution from GFI Malta. The product includes features such as virus protection, web content filtering and application filtering. A security vulnerability exists in GFI Kerio Control version 9.4.5, which stems from an authentication bypass that...

GFI Kerio Control 安全漏洞

GFI Kerio Control is a Unified Threat Management UTM solution from GFI Malta. The product includes features such as virus protection, web content filtering and application filtering. A security vulnerability exists in GFI Kerio Control version 9.4.5, which stems from a lack of authentication and...

CVE-2024-4183

Mattermost versions 8.1.x before 8.1.12, 9.6.x before 9.6.1, 9.5.x before 9.5.3, 9.4.x before 9.4.5 fail to limit the number of active sessions, which allows an authenticated attacker to crash the server via repeated requests to the getSessions API after flooding the sessions table...

WordPress WordPress Tooltips Plugin < 9.4.5 is vulnerable to SQL Injection

Software WordPress Tooltips Type Plugin Vulnerable versions 9.4.5 Fixed in 9.4.5 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-30243 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID 3d42caaef59c Credits Yudistira Arya Required privilege Contributor...

CVE-2022-24388 Authenticated Privileged Command Injection Vulnerability in Fidelis Network and Deception

Vulnerability in rconfig “date” enables an attacker with user level access to the CLI to inject root level commands into Fidelis Network and Deception CommandPost, Collector, Sensor, and Sandbox components as well as neighboring Fidelis components. The vulnerability is present in Fidelis Network...

CVE-2022-24391 Authenticated SQL Injection Vulnerability in Fidelis Network and Deception

Vulnerability in Fidelis Network and Deception CommandPost enables SQL injection through the web interface by an attacker with user level access. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability...

CVE-2022-24394

Vulnerability in Fidelis Network and Deception CommandPost enables authenticated command injection through the web interface using the “updatecheckfile” value for the “filename” parameter. The vulnerability could allow a specially crafted HTTP request to execute system commands on the CommandPost...

MGASA-2020-0052 Updated glpi packages fix security vulnerabilities

The glpi package has been updated to version 9.4.5, fixing several bugs and security issues. See the upstream announcements for details...

Updated glpi packages fix security vulnerabilities

The glpi package has been updated to version 9.4.5, fixing several bugs and security issues. See the upstream announcements for details...

SUSE-SU-2016:0482-1 Security update for postgresql94

This update of postgresql94 to 9.4.5 fixes the following issues: CVE-2015-5289: json or jsonb input values constructed from arbitrary user input could have crashed the PostgreSQL server and caused a denial of service bsc949670 CVE-2015-5288: crypt pgCrypto extension couldi potentially be exploite...

Adobe Reader Multiple Vulnerabilities (Sep 2011) - Linux

Adobe Reader is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobatreader";...

Loggix Project 9.4.5 SQL Injection

Salvatore "drosophila" Fresta + Application: Loggix Project + Version: 9.4.5 + Website: http://loggix.gotdns.org + Bugs: A Blind SQL Injection + Exploitation: Remote + Date: 10 Apr 2009 + Discovered by: Salvatore "drosophila" Fresta + Author: Salvatore "drosophila" Fresta + Contact: e-mail:...

Loggix Project 9.4.5 - &#039;refer_id&#039; Blind SQL Injection

Salvatore "drosophila" Fresta + Application: Loggix Project + Version: 9.4.5 + Website: http://loggix.gotdns.org + Bugs: A Blind SQL Injection + Exploitation: Remote + Date: 10 Apr 2009 + Discovered by: Salvatore "drosophila" Fresta + Author: Salvatore "drosophila" Fresta + Contact: e-mail:...