110 matches found
Apple watchOS Messages has an unspecified vulnerability
Apple watchOS is an operating system for smartwatches from Apple Inc. Messages is an application component for sending text, photos and videos. A security vulnerability exists in the Messages component in Apple watchOS versions prior to 5.3. After being removed from an iMessage call, an attacker...
MetInfo Cross-Site Request Forgery Vulnerability (CNVD-2019-14687)
MetInfo is a content management system CMS developed by China Mito MetInfo using PHP and Mysql. A cross-site request forgery vulnerability exists in Metinfo version 5.3.18. The vulnerability stems from a WEB application that does not adequately validate whether a request is coming from a trusted...
GHSA-HJM9-576Q-399P Remote Code Execution in esigate-core
esigate.org esigate version 5.2 and earlier contains a CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability in ESI directive with user specified XSLT that can result in Remote Code Execution. This attack appear to be exploitable vi...
CVE-2018-19340
Guriddo Form PHP 5.3 has XSS via the demos/jqform/defaultnodb/default.php OrderID, ShipName, ShipAddress, ShipCity, ShipPostalCode, ShipCountry, Freight, or details parameter...
Ivanti Avalanche Information Disclosure Vulnerability
Ivanti Avalanche is an enterprise mobile device management system from Ivanti, USA. The system is primarily used to manage devices such as smartphones, tablets and barcode scanners. A security vulnerability exists in Ivanti Avalanche versions 5.3 and 6.2. The vulnerability can be exploited by a...
CVE-2018-0136
A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregation Services Router ASR 9000 Series could allow an unauthenticated, remote attacker to trigger a reload of one or more Trident-based line cards, resulting in a denial of service DoS condition. The...
Apache Traffic Server Remote Code Execution Vulnerability
Apache Traffic Server is the United States Apache Apache Software Foundation of an efficient , scalable HTTP proxy and caching server . A security vulnerability exists in the HTTP/2 experimental feature of Apache Traffic Server versions 5.3.x prior to 5.3.1. A remote attacker can exploit this...
UBUNTU-CVE-2015-5206
Unspecified vulnerability in the HTTP/2 experimental feature in Apache Traffic Server before 5.3.x before 5.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2015-5168...
Elasticsearch Kibana cross-site scripting vulnerability (CNVD-2017-11643)
Elasticsearch Kibana formerly known as elasticsearch-dashboard is a suite of open-source, browser-based analytics and search Elasticsearch dashboard tools from the Dutch company Elasticsearch. A cross-site scripting vulnerability exists in the Discover page in Elasticsearch Kibana versions 5.3 an...
Command Execution Vulnerability in Metinfo 5.3.10 CMS Latest Version
MetInfo is an enterprise website building software that supports multi-terminal display and is easy to use. A command execution vulnerability exists in the latest version of Metinfo 5.3.10 CMS, which can be exploited by attackers to execute arbitrary commands...