5 matches found
MediaWiki Cargo 安全漏洞
MediaWiki Cargo is an extension of the American Wikimedia MediaWiki Foundation. A security vulnerability exists in MediaWiki Cargo version 3.6.X prior to 3.6.1, which stems from the presence of a SQL injection vulnerability...
DEBIAN-CVE-2022-0583
Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file...
Default credentials
A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.4, when /websocket is requested and the password contains the '' character. This request would cause a socket error in RabbitMQ when parsing the password and an HTTP error code 500 and partial password disclose wi...
CVE-2012-0465
CVE-2012-0465 affects Bugzilla versions 3.5.x and 3.6.x before 3.6.9, 3.7.x and 4.0.x before 4.0.6, and 4.1.x and 4.2.x before 4.2.1. Root cause: improper validation of the X-Forwarded-For header when inbound_proxies is enabled, allowing bypass of the lockout policy via repeated authentication re...
Mozilla Miscellaneous memory safety hazards (MFSA 2011-19)
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.18 and Thunderbird before 3.1.11 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors, a different vulnerability than...