cgit suffers from a directory traversal vulnerability in cgit_clone_objects().
37831299c41cbf8b4276c28e94d3615148e9fe86404363c2b69eae6eba250c7cUbuntu Security Notice 3731-1 - It was discovered that LFTP incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service.
24f7d77db4111d22f1a7b40cc49cfba90871eb9bcfae80999dc5fb738b2e2c7dOCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file extensions other than .html are permitted.
2f71b923fd12139847ac2ff8144d07a7250e7131bad2b3d7db85ba17ff41bf94Open-AudIT Community version 2.2.6 suffers from a cross site scripting vulnerability.
da3bf7bef2852d4e737ba63cc33ce00378a52e76356eefbf2cbcf87512c34227Dell EMC Data Protection Advisor, versions 6.4 through 6.5, contains a XML External Entity (XXE) Injection vulnerability in the REST API. An authenticated remote malicious user could potentially exploit this vulnerability to read certain system files in the server or cause denial of service by supplying specially crafted Document Type Definitions (DTDs) in an XML request.
7262794bbeb917e7e2c99abb41baa2f271a39f4c1762b712654d0947ea15b677Ubuntu Security Notice 3730-1 - Matthias Gerstner discovered that LXC incorrectly handled the lxc-user-nic utility. A local attacker could possibly use this issue to open arbitrary files.
20b451992a911148667d7967308162587130dc75ed9ecbf9dd9cb11668d1038bUbuntu Security Notice 3729-1 - It was discovered that libxcursor incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service.
986839c6683740b7ccde40cb3062bb92868dacca05a4fd8565e0493b102faf72Debian Linux Security Advisory 4262-1 - Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to open redirects, cross-site request forgery, information disclosure, session fixation or denial of service.
2f604d49a2ad57ea254ad69536e651ce2f33d102ce98567981b98321ecc0a5f1Debian Linux Security Advisory 4265-1 - It was discovered that the Apache XML Security for C++ library performed insufficient validation of KeyInfo hints, which could result in denial of service via NULL pointer dereferences when processing malformed XML data.
dbb2a2a995ed1855235811a955c6fa11845c29765ce3a36561ef8d40c22d47ebCA Technologies Support is alerting customers to a potential risk with CA API Developer Portal. A medium risk vulnerability exists that can allow a remote attacker to conduct reflected cross-site scripting attacks. CA published solutions to address the vulnerability. The vulnerability occurs due to insufficient parameter filtering in the web user interface, which can allow a remote attacker to launch reflected cross-site scripting attacks.
386c272271ed091041f86901b4ba0bfa774336602c3837ec4f71eafb764baa48Monstra-Dev version 3.0.4 suffers from a persistent cross site scripting vulnerability.
83d4e2fee79b8990dc5328c8bbb80e1b7b70a7629cbc73c058d35df9b8ac219dLAMS versions prior to 3.1 suffer from a cross site scripting vulnerability.
a31a6bb96a4a36442255ec0624f9efe7e3e2df9abc927c97ece1225c2bf89247Microsoft Windows suffers from an SCF open file security warning feature bypass vulnerability.
958717cd8872e33b9b2a3c4b625a8d892418f613f8faacd62f3dfc64af556111onArcade version 2.4.2 suffers from a cross site request forgery vulnerability.
54626ca3c318d64213981a9d8cc93fe8af457f70f998f7ee04637a2f570bfd1aSMPlayer version 18.6.0 suffers from a dll hijacking vulnerability.
1ba3d2d6a8690986ae9955caca1828fe61f254de9080bcf10011814985e06f07CMS ISWEB version 3.5.3 suffers from a directory traversal vulnerability.
8aa0ff13b51f6c607e0125e9f50cdd3b15376a9f0b867622c365ab666d22c459Rufus versions 3.0 and 3.1 suffers from dll hijacking vulnerabilities.
902541262838af7644c131737527c42bf33c37e8fdf9cfe5b3446450ac936b8cSidify Music Converter version 1.2.9 suffers from a dll hijacking vulnerability.
89f9aaf2ad37dfa64b29919b38de0afdbcc06b47d895cd46fa4b383ab74367a8Subrion CMS version 4.2.1 suffers from a cross site scripting vulnerability.
2cdd1c5f3a0b1d7a90e6057be4d2227ff304ebed6dcbf007eb8e5b1d7cd98b5b
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed