All Vulnerabilities for mkvcinemas.tube Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
PT-2021-3299 · Microsoft · Sharepoint Server +1
Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server versions prior to 16.0.10372.20060 Description: The issue is related to insufficient input validation in Microsoft SharePoint Server, allowing a remote attacker to perform spoofing attacks using a specially crafted...
viewsonic.com Cross Site Scripting vulnerability OBB-2037218
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
CVE-2020-4300
IBM Cognos Analytics 11.0 and 11.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 176607...
IBM Cognos Analytics External Entity Injection Vulnerability
IBM Cognos Analytics is a suite of business intelligence software from IBM USA that provides valuable information, secure data governance and reporting. An external entity injection vulnerability exists in Cognos Analytics 11.0 and 11.1. An attacker can exploit this vulnerability to inject extern...
EulerOS 2.0 SP8 : php (EulerOS-SA-2021-1883)
According to the version of the php packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In PHP versions 7.3.x below 7.3.27, 7.4.x below 7.4.15 and 8.0.x below 8.0.2, when using SOAP extension to connect to a SOAP server, a malicious SOAP...
CVE-2021-32925
admin/userimport.php in Chamilo 1.11.x reads XML data without disabling the ability to load external entities...
All Vulnerabilities for intranet.egc.wa.edu.au Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| intranet.egc.wa.edu.au ---|--- Open Bug...
All Vulnerabilities for socijalnoukljucivanje.gov.rs Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| socijalnoukljucivanje.gov.rs ---|--- Op...
PT-2021-7765 · Xmill · Xmill
Name of the Vulnerable Software and Affected Versions: Xmill version 0.7 Description: The issue is related to a heap-based buffer overflow error in the Decompression EnumerationUncompressor::UncompressItem function when handling XML files. This can be exploited by a remote attacker to execute...
XXE
IBM QRadar SIEM 7.3 and 7.4 may be vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 193245...
All Vulnerabilities for cryobank.sinica.edu.tw Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
Null pointer dereference
In PHP versions 7.3.x below 7.3.27, 7.4.x below 7.4.15 and 8.0.x below 8.0.2, when using SOAP extension to connect to a SOAP server, a malicious SOAP server could return malformed XML data as a response that would cause PHP to access a null pointer and thus cause a crash...
CVE-2021-21702
In PHP versions 7.3.x below 7.3.27, 7.4.x below 7.4.15 and 8.0.x below 8.0.2, when using SOAP extension to connect to a SOAP server, a malicious SOAP server could return malformed XML data as a response that would cause PHP to access a null pointer and thus cause a crash...
unit808.com Improper Access Control vulnerability OBB-1879881
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| unit808.com ---|--- Open Bug Bounty...
Fedora 32 : php (2021-ae5a54ba78)
The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-ae5a54ba78 advisory. - In PHP versions 7.3.x below 7.3.27, 7.4.x below 7.4.15 and 8.0.x below 8.0.2, when using SOAP extension to connect to a SOAP server, a malicious...
Fedora 33 : php (2021-6edfd606d3)
The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-6edfd606d3 advisory. - In PHP versions 7.3.x below 7.3.27, 7.4.x below 7.4.15 and 8.0.x below 8.0.2, when using SOAP extension to connect to a SOAP server, a malicious...
All Vulnerabilities for syt.bacninh.gov.vn Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| syt.bacninh.gov.vn ---|--- Open Bug...
CVE-2020-4606
IBM Security Verify Privilege Manager 10.8 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A local attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 184883...
dasoertliche.de Cross Site Scripting vulnerability OBB-1700854
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...