FreeXL Heap Buffer Out-of-Bounds Read Vulnerability
FreeXL is an open source library for extracting valid data from Excel .xls spreadsheets developed by software developer Alessandro Furieri. A heap buffer out-of-bounds read vulnerability exists in the 'read_mini_biff_next_record' function in versions of FreeXL prior to 1.0.5. An attacker could exploi...
CVE-2018-2716
Vulnerability in the Oracle Financial Services Market Risk Measurement and Management component of Oracle Financial Services Applications (subcomponent: User Interface). The supported version that is affected is 8.0.5. Easily exploitable vulnerability allows unauthenticated attacker with network...
Netsweeper Authentication Bypass Vulnerability (CNVD-2017-30727)
Netsweeper is a Web content filtering solution from Netsweeper Canada. A security vulnerability exists in versions of Netsweeper prior to 4.0.5. A remote attacker can exploit this vulnerability by sending a request to the webadmin/nslam/index.php file to bypass authentication and create arbitrary...
Serendipity Cross-Site Request Forgery Vulnerability
Serendipity is a scalable PHP-powered weblog engine. A cross-site request forgery vulnerability in Serendipity 2.0.5 allows attackers to install any theme via a GET request...
Subrion CMS Cross-Site Request Forgery Vulnerability (CNVD-2017-04653)
Subrion CMS is a PHP-based content management system (CMS) developed by the Subrion team. The system can be integrated into a website and supports a wide range of extensions, plug-ins and more. A cross-site request forgery vulnerability exists in admin/blocks/add/URI in Subrion CMS version 4.0.5. An...
Subrion CMS Cross-Site Request Forgery Vulnerability (CNVD-2017-04651)
Subrion CMS is a PHP-based content management system (CMS) developed by the Subrion team. The system can be integrated into a website and supports a wide range of extensions, plug-ins and more. A cross-site request forgery vulnerability exists in admin/blog/add/URI in Subrion CMS version 4.0.5.10. A...
Subrion CMS Cross-Site Scripting Vulnerability (CNVD-2016-10246)
Subrion CMS is a PHP-based content management system (CMS) developed by the Subrion team. The system can be integrated into a website and supports a wide range of extensions, plug-ins and more. A cross-site scripting vulnerability exists in Subrion CMS version 4.0.5, which stems from the failure of...
Unspecified Vulnerability in Oracle Enterprise Manager Grid Control Enterprise Manager Base Platform Component
Oracle Enterprise Manager Grid Control is a suite of systems management software from Oracle Corporation. The software provides centralized monitoring, lifecycle management, and other functions for the Oracle IT architecture. Enterprise Manager Base Platform is one of the system management platfo...
7zip denial of service vulnerability
7zip is a set of 7-Zip data compression program software. The program can compress and decompress files in 7z format. A security vulnerability exists in the 'CInArchive::ReadFileItem' method in the Archive/Udf/UdfIn.cpp file in 7zip version 9.20 and 15.05 beta. A remote attacker can exploit this...
The vulnerability of the microprogramming software in Janitza UMG 508, 509, 511, 604, 605 power supply monitoring systems allows an intruder to authenticate as an arbitrary user.
The vulnerability of the Microprogramming Software in Janitza UMG 508, 509, 511, 604, 605 power supply monitoring systems is related to the manipulation of inter-site requests. Exploiting this vulnerability allows a malicious actor to bypass authentication by acting as an arbitrary user...
DEBIAN-CVE-2014-7202
stream_engine.cpp in libzmq (aka ZeroMQ/C++) 4.0.5 before 4.0.5 allows man-in-the-middle attackers to conduct downgrade attacks via a crafted connection request...
flash-plugin: information disclosure flaw (APSB13-05)
Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before...
CVE-2011-5084
Cross-site scripting (XSS) vulnerability in Movable Type 4.x before 4.36 and 5.x before 5.05 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
rsyslog: parseLegacySyslogMsg off-by-two buffer overflow
Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might allow remote attackers to cause a denial of service (application exit) via a long TAG in a legacy syslog message...
Firefox XSS vulnerabilities in SessionStore
Unspecified vulnerability in the session-restore feature in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19 allows remote attackers to bypass the same origin policy, inject content into documents associated with other domains, and conduct cross-site scripting (XSS) attacks via unknown...
PYSEC-2008-14
Multiple cross-site request forgery (CSRF) vulnerabilities in Plone CMS 3.0.5 and 3.0.6 allow remote attackers to (1) add arbitrary accounts via the join_form page and (2) change the privileges of arbitrary groups via the prefs_groups_overview page...
DEBIAN-CVE-2002-1170
The handle_var_requests function in snmp_agent.c for the SNMP daemon in the Net-SNMP (formerly ucd-snmp) package 5.0.1 through 5.0.5 allows remote attackers to cause a denial of service (crash) via a NULL dereference...
CVE-2022-50599
...
2021-04 .NET 5.0.5 Update for x86 Client
2021-04 .NET 5.0.5 Update for x86 Client...
2021-10 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server, version 20H2 for x64 (KB5005539)
2021-10 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server, version 20H2 for x64 KB5005539...