EUVD-2023-52427

Malicious code in bioql PyPI...

CVE-2024-7803 Allocation of Resources Without Limits or Throttling in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 11.6 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. A Discord webhook integration may cause DoS...

Cybele Software Thinfinity VirtualUI授权问题漏洞

Cybele Software Thinfinity VirtualUI is a solution from Cybele Software, Inc. that supports embedding remote Windows applications into standard web applications to allow two-way interaction with Javascript programming. A security vulnerability exists in Cybele Software Thinfinity VirtualUI, which...

WebkitGTK+: Multiple vulnerabilities

Background WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. Description Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the CVE...

WebKitGTK+: Multiple vulnerabilities

Background WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. Description Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the CVE...

[SECURITY] Fedora 31 Update: mailman-2.1.34-1.fc31

Mailman is software to help manage email discussion lists, much like Majordomo and Smartmail. Unlike most similar products, Mailman gives each mailing list a webpage, and allows users to subscribe, unsubscribe, etc. over the Web. Even the list manager can administer his or her list entirely from...

Siemens SIMATIC CP 343-1 Advanced devices Cross-Site Request Forgery Vulnerability

The Siemens SIMATIC CP 343-1 Advanced devices are Ethernet communication modules from Siemens for PROFINET, the new generation of automation bus standards based on industrial Ethernet technology. A cross-site request forgery vulnerability exists in Siemens SIMATIC CP 343-1 Advanced devices. The...

sphpforum 0.4 - Multiple Vulnerabilities

sphpforum 0.4 - Multiple Vulnerabilities Author: loneferret of Offensive Security Product: sphpforum Version: 0.4 older versions may be affected Software Download: http://sourceforge.net/projects/sphpforum/ Description: Simple PHP Forum is a PHP based forum/BBS board is designed to be small,...

[SECURITY] Fedora 15 Update: mailman-2.1.14-5.fc15

Mailman is software to help manage email discussion lists, much like Majordomo and Smartmail. Unlike most similar products, Mailman gives each mailing list a webpage, and allows users to subscribe, unsubscribe, etc. over the Web. Even the list manager can administer his or her list entirely from...

Crystal Reports viewreport.asp页面跨站脚本漏洞

BUGTRAQ ID: 34341 Crystal Reports是一种报表工具包，允许用户迅速创建灵活、特性丰富的报表，并集成到Web和Windows应用程序中。 Crystal Reports的viewreport.asp页面没有用户所提交的ID、PROMPTEX-SESSIONID、PROMPTEX-TODATE、 PROMPTEX-FROMDATE、PROMPTEX-YEARQTR1、PROMPTEX-YEARQTR2、PROMPTEX- YEARQTR3、PROMPTEX-YEARQTR4、PROMPTEX-YEARQTR5、PROMPTEX-YEARQTR6、...

[SECURITY] Fedora 7 Update: mailman-2.1.9-5.3

Mailman is software to help manage email discussion lists, much like Majordomo and Smartmail. Unlike most similar products, Mailman gives each mailing list a webpage, and allows users to subscribe, unsubscribe, etc. over the Web. Even the list manager can administer his or her list entirely from...

Crystal Reports .RPT文件处理堆栈溢出漏洞

Crystal Reports是一种报表工具包，允许用户迅速创建灵活、特性丰富的报表，并集成到Web和Windows应用程序中。 Crystal Reports XI Professional在处理畸形的.RPT文件时存在栈溢出漏洞，攻击者可能利用此漏洞通过诱骗用户打开恶意文件在机器上执行任意指令。 Business Objects Crystal Reports XI Professional 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://www.businessobjects.com...