36 matches found
PT-2024-29979 · Fish Shop · Syntax-Check
Name of the Vulnerable Software and Affected Versions: fish-shop/syntax-check versions prior to v1.6.12 fish-shop/syntax-check versions prior to v2.0.0 Description: The issue is related to improper neutralization of delimiters in the pattern input, specifically the command separator ; and command...
CVE-2023-49087 Validation of SignedInfo
xml-security is a library that implements XML signatures and encryption. Validation of an XML signature requires verification that the hash value of the related XML-document matches a specific DigestValue-value, but also that the cryptographic signature on the SignedInfo-tree the one that contain...
PT-2023-8931 · Php +1 · Php +1
Name of the Vulnerable Software and Affected Versions: simplesamlphp/xml-security versions prior to 1.6.12 simplesamlphp/xml-security versions prior to 5.0.0-alpha.13 Description: The issue is related to insufficient validation of XML signatures, which could allow a remote attacker to forge SAML...
CVE-2023-43787 affecting package libX11 for versions less than 1.8.7-1
CVE-2023-43787 affecting package libX11 for versions less than 1.8.7-1. An upgraded version of the package is available that resolves this issue...
CVE-2023-3138 affecting package libX11 for versions less than 1.6.12-6
CVE-2023-3138 affecting package libX11 for versions less than 1.6.12-6. A patched version of the package is available...
WordPress ReviewX Plugin <= 1.6.12 is vulnerable to SQL Injection
Software ReviewX Type Plugin Vulnerable versions = 1.6.12 Fixed in 1.6.13 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-26325 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 2483e29b3913 Credits Joshua Martinelle Required privilege Subscriber...
DEBIAN-CVE-2022-23471
containerd is an open source container runtime. A bug was found in containerd's CRI implementation where a user can exhaust memory on the host. In the CRI stream server, a goroutine is launched to handle terminal resize events if a TTY is requested. If the user's process fails to launch due to, f...
PT-2022-6020 · Containerd +7 · Kubernetes Containerd +6
Name of the Vulnerable Software and Affected Versions: containerd versions prior to 1.6.12 containerd versions prior to 1.5.16 Description: A bug was found in containerd's CRI implementation where a user can exhaust memory on the host. In the CRI stream server, a goroutine is launched to handle...
Creme CRM Cross-Site Scripting Vulnerability (CNVD-2019-17467)
Creme CRM is a customer relationship management system. The system features sales automation, customer service and sending and receiving e-mail. A cross-site scripting vulnerability exists in the organization creation page in Creme CRM version 1.6.12, which can be exploited by remote attackers to...
Creme CRM Cross-Site Scripting Vulnerability
Creme CRM is a customer relationship management system. The system features sales automation, customer service and sending and receiving e-mail. A cross-site scripting vulnerability exists in the salesman creation page in Creme CRM version 1.6.12, which can be exploited by remote attackers to...
IBM OpenAFS vlserver Buffer Overflow Vulnerability
IBM OpenAFS is a distributed file system from IBM in the United States that allows sharing of files and resources between systems over LANs and WANs. A security vulnerability exists in IBM OpenAFS 1.6.12 and earlier versions of vlserver server. A remote attacker can exploit this vulnerability to...
OpenAFS Denial of Service Vulnerability (CNVD-2015-05293)
OpenAFS is a distributed file system that allows sharing of archives and resources between systems over LANs and WANs. A security vulnerability exists in OpenAFS 1.6.12 and earlier versions of vlserver. A remote attacker can exploit this vulnerability to cause a denial of service out-of-bounds re...
The vulnerability of the Gentoo Linux operating system, which allows a malicious individual to compromise the accessibility of protected information
The vulnerability of the dbus package up to version 1.6.12 in the Gentoo Linux operating system can lead to a violation of the accessibility of protected information. This vulnerability can be exploited locally...
MyBB Database Fingerprint
This module checks if MyBB is running behind an URL. Also uses a malformed query to force an error and fingerprint the backend database used by MyBB on version 1.6.12 and prior. This module requires Metasploit: https://metasploit.com/download Current source:...
MyBB sid SQLi Vulnerability
MyBB is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mybb:mybb"; ifdescription...
MyBB 1.6.12 XSS Vulnerability
MyBB is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mybb:mybb";...