[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 15134 Download | Alert*

The host is installed with Atlassian Confluence Server before 5.8.6 and is prone to a server-side request forgery vulnerability. A flaw is present in the application which fails to properly handle an issue in WidgetConnector plugin. Successful exploitation allows remote attackers to manipulate the content of internal network resources via a blind server-side request forgery (SSRF) vulnerability.

The host is installed with Atlassian Confluence Server before 7.2.0 and is prone to a denial-of-service vulnerability. A flaw is present in the application which fails to properly handle an issue in the avatar upload feature. Successful exploitation could allow remote attackers to impact the application's availability.

The host is installed with Atlassian Confluence Server 2.7.34, 2.7.35 or 3.0.2 and is prone to an information disclosure vulnerability . A flaw is present in the application which fails to handle an issue in its Atlassian Questions. Successful exploitation allows unauthenticated attackers to gain control of the account.

The host is installed with Atlassian Confluence Server before 7.4.17, 7.5.0 before 7.13.7, 7.14.0 before 7.14.3, 7.15.0 before 7.15.2, 7.16.0 before 7.16.4, 7.17.0 before 7.17.4 or 7.18.0 and is prone to an arbitrary servlet filter bypass vulnerability. A flaw is present in the application which fails to properly handle servlet filter. Successful exploitation allows unauthenticated attackers to ca ...

The host is installed with Atlassian Confluence Server before 7.4.17, 7.5.0 before 7.13.7, 7.14.0 before 7.14.3, 7.15.0 before 7.15.2, 7.16.0 before 7.16.4, 7.17.0 before 7.17.4 or 7.18.0 and is prone to a servlet filter bypass vulnerability. A flaw is present in the application which fails to properly handle servlet filter. Successful exploitation allows unauthenticated attackers to casue cross-o ...

The host is installed with SpringSource Spring Framework before 5.2.20 or 5.3.0 before 5.3.18 and is prone to a remote code execution (Spring4Shell) vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted request to a vulnerable server. Successful exploitation could allows an unauthenticated attacker to execute arbitrary code on the target system.

The host is installed with SpringSource Spring Framework before 5.2.20 or 5.3.0 before 5.3.18 and is prone to a remote code execution (Spring4Shell) vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted request to a vulnerable server. Successful exploitation could allows an unauthenticated attacker to execute arbitrary code on the target system.

actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service via a crafted HTTP Accept header.

Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 allows remote attackers to read arbitrary files by leveraging an application"s unrestricted use of the render method and providing a .. in a pathname.

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability, but only systems with ksmbd enabled are vulnerable. The specific flaw exists within the processing of SMB2_TREE_DISCONNECT commands. The issue results from the lack of validating the existence of an object prior to performing ...


Pages:      Start    1008    1009    1010    1011    1012    1013    1014    1015    1016    1017    1018    1019    1020    1021    ..   1513

© SecPod Technologies