17 matches found
MiracleLinux 8 : squid:4 (AXSA:2024-7404:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7404:01 advisory. squid: Denial of Service in SSL Certificate validation (CVE-2023-46724); squid: NULL pointer dereference in the gopher protocol code (CVE-2023-46728)...
EUVD-2021-2595
Malware in sbrugna...
EUVD-2021-2467
Malware in sbrugna...
CVE-2025-26659
SAP NetWeaver Application Server ABAP does not sufficiently encode user-controlled inputs, leading to a DOM-based Cross-Site Scripting (XSS) vulnerability. This allows an attacker with no privileges to craft a malicious web message that exploits WEBGUI functionality. On successful exploitation, the...
CVE-2025-26659
SAP NetWeaver Application Server ABAP does not sufficiently encode user-controlled inputs, leading to a DOM-based Cross-Site Scripting (XSS) vulnerability. This allows an attacker with no privileges to craft a malicious web message that exploits WEBGUI functionality. On successful exploitation, the...
CVE-2025-26659 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server ABAP (applications based on SAP GUI for HTML)
SAP NetWeaver Application Server ABAP does not sufficiently encode user-controlled inputs, leading to a DOM-based Cross-Site Scripting (XSS) vulnerability. This allows an attacker with no privileges to craft a malicious web message that exploits WEBGUI functionality. On successful exploitation, the...
CVE-2025-26659
CVE-2025-26659 – SAP NetWeaver ABAP (WebGUI) is a DOM-based XSS vulnerability caused by insufficient encoding of user-controlled inputs in the SAP NetWeaver Application Server ABAP. The flaw allows an attacker with no privileges to craft a malicious web message that executes JavaScript in the vic...
SUSE CVE-2009-1889
The OSCAR protocol implementation in Pidgin before 2.5.8 misinterprets the ICQWebMessage message type as the ICQSMS message type, which allows remote attackers to cause a denial of service (application crash) via a crafted ICQ web message that triggers allocation of a large amount of memory...
Trend Micro InterScan Web Security Virtual Appliance Buffer Error Vulnerability
Trend Micro InterScan Web Security Virtual Appliance (IWSVA) is a Trend Micro Web security gateway that provides dynamic, integrated security for enterprise networks against Web-based threats. A stack buffer overflow vulnerability exists in Trend Micro InterScan Web Security Virtual Appliance 6.5...
Facebook Proxygen Security Breach
Facebook Proxygen is a set of open source C++ HTTP class libraries from the U.S. company Facebook. A security vulnerability exists in versions of Facebook Proxygen prior to 2015-11-09 that stems from the program not properly managing the HTTPMessage.request state. A remote attacker can exploit t...
Messagerie 1.0 Arbitrary User Removal DoS Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4635/info Messagerie is a web message board application maintained by La Basse. An issue has been discovered in Messagerie, which could allow an attacker to delete arbitrary user accounts. Reportedly, submitting a special...
Mandriva Linux Security Advisory : pidgin (MDVSA-2009:321)
Security vulnerabilities have been identified and fixed in pidgin: The NSS plugin in libpurple in Pidgin 2.4.1 does not verify SSL certificates, which makes it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service (CVE-2008-3532). Pidgin 2.4....
pidgin: DoS via specially-crafted ICQWebMessage
The OSCAR protocol implementation in Pidgin before 2.5.8 misinterprets the ICQWebMessage message type as the ICQSMS message type, which allows remote attackers to cause a denial of service (application crash) via a crafted ICQ web message that triggers allocation of a large amount of memory...
CVE-2009-1889
The OSCAR protocol implementation in Pidgin before 2.5.8 misinterprets the ICQWebMessage message type as the ICQSMS message type, which allows remote attackers to cause a denial of service (application crash) via a crafted ICQ web message that triggers allocation of a large amount of memory...
CVE-2009-1889
The OSCAR protocol implementation in Pidgin before 2.5.8 misinterprets the ICQWebMessage message type as the ICQSMS message type, which allows remote attackers to cause a denial of service (application crash) via a crafted ICQ web message that triggers allocation of a large amount of memory...
phorum5x.txt
XOR Crew :: Security Advisory 9/1/2005. Phorum 5.x Multiple XSS and Session Hijacking Vulnerabilities...
waraxe-2004-SA037.txt
waraxe-2004-SA037: SQL injection bug in Phorum 5.0.12 and older versions...