[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250770

 
 

909

 
 

196157

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 249579 Download | Alert*

In Crea8social 2018.2, there is Stored Cross-Site Scripting via a post comment.

In Crea8social 2018.2, there is Reflected Cross-Site Scripting via the term parameter to the /search URI.

In Crea8social 2018.2, there is Stored Cross-Site Scripting via a User Profile.

The DNNArticle module 11 for DNN (formerly DotNetNuke) allows remote attackers to read the web.config file, and consequently discover database credentials, via the /GetCSS.ashx/?CP=%2fweb.config URI.

Botan 2.2.0 - 2.4.0 (fixed in 2.5.0) improperly handled wildcard certificates and could accept certain certificates as valid for hostnames when, under RFC 6125 rules, they should not match. This only affects certificates issued to the same domain as the host, so to impersonate a host one must already have a wildcard certificate matching other hosts in the same domain. For example, b*.example.com w ...

DVD X Player Standard 5.5.3.9 has a Buffer Overflow via a crafted .plf file, a related issue to CVE-2007-3068.

ZyXEL ZyWALL/USG series devices have a Bleichenbacher vulnerability in their Internet Key Exchange (IKE) handshake implementation used for IPsec based VPN connections.

IBOS 4.4.3 has XSS via a company full name.

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none

libming 0.4.8 has a NULL pointer dereference in the getInt function of the decompile.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file.


Pages:      Start    9815    9816    9817    9818    9819    9820    9821    9822    9823    9824    9825    9826    9827    9828    ..   24957

© SecPod Technologies