432 matches found
PHP Scripts Mall hotel-booking-script Denial of Service Vulnerability
PHP Scripts Mall hotel-booking-script is a hotel booking system script by PHP Scripts Mall India, which includes features like advanced CMS management, review management and booking management. A denial of service vulnerability exists in PHP Scripts Mall hotel-booking-script version 2.0.4, which...
PHP Scripts Mall hotel-booking-script Cross-Site Scripting Vulnerability
PHP Scripts Mall hotel-booking-script is a multi-vendor hotel booking script. PHP Scripts Mall hotel-booking-script 2.0.4 suffers from a cross-site scripting vulnerability that can be exploited by an attacker via the First Name, Last Name or Address fields...
CVE-2018-3029
Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 12.0.4, 12.1.0, 12.3.0 and 12.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network acces...
USN-3568-1 wavpack vulnerabilities
Hanno Böck discovered that WavPack incorrectly handled certain WV files. An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. CVE-2016-10169 Joonun Jang discovered that WavPack incorrectly handled certain RF64 files. An...
CVE-2018-6550
Monstra CMS through 3.0.4 has XSS in the title function in plugins/box/pages/pages.plugin.php via a page title to admin/index.php...
DEBIAN-CVE-2017-15133
A denial of service flaw was found in miekg-dns before 1.0.4. A remote attacker could use carefully timed TCP packets to block the DNS server from accepting new connections...
Meinberg LANTIME Web Configuration Utility Directory Traversal Vulnerability
Meinberg LANTIME is an NTP time server from Meinberg, Germany.Web Configuration Utility is one of the web configuration utilities. A directory traversal vulnerability exists in the Upload Groupkey function of the Web Configuration Utility in Meinberg LANTIME with firmware version 6.24.004. A remo...
UBUNTU-CVE-2017-16883
The outputSWFTEXTRECORD function in util/outputscript.c in libming = 0.4.8 is vulnerable to a NULL pointer dereference, which may allow attackers to cause a denial of service via a crafted swf file...
IBM WebSphere Application Server Information Disclosure Vulnerability (CNVD-2017-27828)
IBM WebSphere Application Server WAS is an application server product developed and distributed by IBM in the U.S. It is a platform for Java EE and Web services applications, and is the foundation of the IBM WebSphere software platform. An information disclosure vulnerability exists in IBM WAS...
Joomla! JoomRecipe Component SQL Injection Vulnerability
Joomla! is a content management system. A SQL injection vulnerability exists in version 1.0.4 of the JoomRecipe component of Joomla! The vulnerability allows attackers to obtain sensitive database information...
UBUNTU-CVE-2017-10788
The DBD::mysql module through 4.043 for Perl allows remote attackers to cause a denial of service use-after-free and application crash or possibly have unspecified other impact by triggering 1 certain error responses from a MySQL server or 2 a loss of a network connection to a MySQL server. The...
PT-2017-17974 · Dolibarr · Dolibarr Erp/Crm
Name of the Vulnerable Software and Affected Versions: Dolibarr ERP/CRM version 4.0.4 Description: The issue is related to a Cross-Site Scripting XSS problem. It occurs in the doli/societe/list.php file through the sall parameter. This allows for potential malicious script injection...
CVE-2017-5907
The Great Southern Bank Great Southern Mobile Banking app before 4.0.4 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
USN-3240-1 nvidia-graphics-drivers-304, nvidia-graphics-drivers-340, nvidia-graphics-drivers-375 vulnerability
It was discovered that the NVIDIA graphics drivers contained a flaw in the kernel mode layer. A local attacker could use this issue to cause a denial of service...
CVE-2016-8317
Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications subcomponent: Unit Trust. Supported versions that are affected are 12.0.1, 12.0.2,12.0.4,12.1.0 and 12.3.0. Difficult to exploit vulnerability allows low privileged attacker with network...
UBUNTU-CVE-2016-5598
Unspecified vulnerability in the MySQL Connector component 2.1.3 and earlier and 2.0.4 and earlier in Oracle MySQL allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Connector/Python...
USN-2981-1 libarchive vulnerabilities
It was discovered that libarchive incorrectly handled certain entry-size values in ZIP archives. A remote attacker could use this issue to cause libarchive to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 15.10 and...
SUSE-SU-2016:0324-1 Recommended update for LibreOffice
This update brings LibreOffice to version 5.0.4, a major version update. It brings lots of new features, bug fixes and also security fixes. Features as seen on http://www.libreoffice.org/discover/new-features/ LibreOffice 5.0 ships an impressive number of new features for its spreadsheet module,...
The vulnerability of the microprogramming software in Janitza UMG 508, 509, 511, 604, 605 power supply monitoring systems allows a intruder to authenticate as an arbitrary user.
The vulnerability of the Microprogramming Software in Janitza UMG 508, 509, 511, 604, 605 power supply monitoring systems is related to the manipulation of inter-site requests. Exploiting this vulnerability allows a malicious actor to bypass authentication by acting as an arbitrary user...
The vulnerability of the Red Hat Enterprise Linux operating system allows malicious actors to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the acpid-1.0.4 package of the Red Hat Enterprise Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. Exploitation of this vulnerability can be carried out locally...