EUVD-2017-6744

Malware in sbrugna...

Dream Multimedia Dreambox Device BouquetEditor WebPlugin Cross-Site Scripting Vulnerability

Dream Multimedia Dreambox devices is a Linux-based digital TV set-top box produced by Dream Multimedia, Germany.BouquetEditor WebPlugin is one of the plug-ins with channel naming, sorting and other functions. A cross-site scripting vulnerability exists in the BouquetEditor WebPlugin in Dream...

CVE-2017-15287

There is XSS in the BouquetEditor WebPlugin for Dream Multimedia Dreambox devices, as demonstrated by the "Name des Bouquets" field, or the file parameter to the /file URI...

CVE-2017-15287

There is XSS in the BouquetEditor WebPlugin for Dream Multimedia Dreambox devices, as demonstrated by the "Name des Bouquets" field, or the file parameter to the /file URI...

Cross site scripting

There is XSS in the BouquetEditor WebPlugin for Dream Multimedia Dreambox devices, as demonstrated by the "Name des Bouquets" field, or the file parameter to the /file URI...

CVE-2017-15287

Dream Multimedia Dreambox devices with the BouquetEditor WebPlugin (Dreambox WebControl 2.0.0) are vulnerable to reflected XSS, as shown in the Bouquet name field or the /file URI parameter. The issue is triggered via user-supplied input processed by the WebControl component, allowing arbitrary J...

Scientific Linux Security Update : java-1.7.0-openjdk on SL6.x i386/x86_64 (20130620)

Multiple flaws were discovered in the ImagingLib and the image attribute, channel, layout and raster processing in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. CVE-2013-2470, CVE-2013-2471, CVE-2013-247...