A cross site scripting security vulnerability in IBM Case Manager
Overview : A cross site scripting security vulnerability has been identified with Case Builder component in IBM Case Manager Affected
TemaTres 3.0 has reflected XSS vuln
Overview : TemaTres 3.0 has reflected XSS via the replace_string or search_string parameter to the vocab/admin.php?doAdmin=bulkReplace URI. Affected Product(s) :
Local Privilege Escalation in OpenBSD’s dynamic loader
Overview : OpenBSD through 6.6 allows local users to escalate to root because a check for LD_LIBRARY_PATH in setuid programs
Octeth Oempro 4.7 allows SQL injection
Overview : Octeth Oempro 4.7 found a SQL injection. The parameter “CampaignID” in “Campaign.Get” is vulnerable to SQL Injection attacks.
AWS Firecracker through v0.19.0 has a Buffer Overflow vuln
Overview : A logical error in bounds checking performed on vsock virtio descriptors can be used by a malicious guest
Accentis Content Resource Management System suffer from a remote SQL injection vulnerability.
Overview : Accentis Content Resource Management System versions released prior to the October 2015 patch suffer from a remote SQL
Accentis Content Resource Management System suffer from a cross site scripting vulnerability.
Overview : Accentis Content Resource Management System versions released prior to the October 2015 patch suffer from a cross site
Multiple issues in Cloud Foundry Products
Overview : UAA logs all query parameters with debug logging level Affected Product(s) : CF Deployment All versions prior to
Improper Neutralization of CRLF Sequences in HTTP Headers in Versions of Armeria 0.85.0 through and including 0.96.0
Overview : Versions of Armeria 0.85.0 through and including 0.96.0 are vulnerable to HTTP response splitting, which allows remote attackers
Apache Struts2 vulnerabilities discovered while processing malformed XSLT files
Overview : A local code execution issue exists in Apache Struts2 when processing malformed XSLT files, which could let a
Denial of Service vulnerability in SSL VPN service of FortiOS
Overview : New vulnerabilities discovered in FortiOS Affected Product(s) : FortiOS versions 6.2.1 and below. FortiOS versions 6.0.6 and below.
XSS attack in Drupal Views Builk Operations module 6.x-1.0 through 6.x-1.10
Overview : Drupal Views Builk Operations (VBO) module 6.x-1.0 through 6.x-1.10 does not properly escape the vocabulary help when the
Multiple issues was discovered in Symfony
Overview : Multiple issues was discovered in Symfony Affected Product(s) : Symfony 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0
MediaWiki Multiple XSS vulnerabilities
Overview : New vulnerabilities discovered in MediaWiki Affected Product(s) : MediaWiki before 1.19.4 and 1.20.x before 1.20.3 Vulnerability Details :
Multiple vulnerabilities have been found in Tiki Wiki
Overview : New vulnerabilities discovered in Tiki Wiki Affected Product(s) : Tiki 7.2 & 8.0 RC1 Vulnerability Details : CVE
Openfind MAIL2000 Webmail vulnerabilities
Overview : Multiple flaws in Openfind MAIL2000 through version 6.0 and 7.0 Affected Product(s) : Openfind MAIL2000 through version 6.0
Cross-site Scripting Vulnerability in Zikula Application Framework
Overview : Zikula 1.3.0 build #3168 and probably prior has XSS flaw due to improper sanitization of the ‘themename’ parameter
Apache NiFi 1.3.0 – 1.9.2 cyber flaws released
Overview : Multiple flaws was discovered in NiFi versions 1.3.0 to 1.9.2 Affected Product(s) : Apache NiFi 1.3.0 – 1.9.2
Apache Shiro before 1.4.2 prone to padding attack
Overview : Apache Shiro before 1.4.2 padding attack through susceptible cookies Affected Product(s) : Apache Shiro 1.4.1 Vulnerability Details : CVE
SQL Injection attack in pimcore before 6.3.0
Overview : Pimcore data leakage Flaws through SQL Injection Affected Product(s) : pimcore/pimcore before 6.3.0 Vulnerability Details : CVE ID :
Unprotected API lets remote users control Philips Taolight Smart Wi-Fi Wiz Contol
Overview : Philips Taolight Smart Wi-Fi Wiz Connected LED Bulb API Flaws Affected Product(s) : Philips Taolight Smart Wi-Fi Wiz
phpbb 3.0.x-3.0.6 has an XSS vulnerability
Overview : some issues found in phpbb 3.0.x-3.0.6 with an XSS vulnerability. Affected Product(s) : phpbb 3.0.x-3.0.6 Vulnerability Details :
New vulnerabilities discovered in SAP products
Overview : New vulnerabilities discovered in SAP products Affected Product(s) : SAP Vulnerability Details : CVE ID : CVE-2019-0388 [[CVE-2019-0388] Content
WSO2 IS as Key Manager 5.7.0 allows web vulnerabilities
Overview : An attacker can trick a privileged user while using WSO2 IS as Key Manager Affected Product(s) : WSO2