Количество 314 458
Количество 314 458
GHSA-3pjc-4g34-p4r8
Unknown vulnerability in mail for Solaris 2.6 through 9 allows local users to read the email of other users.
GHSA-3pj9-hhgf-f53q
In the Linux kernel, the following vulnerability has been resolved: clocksource: hyper-v: unexport __init-annotated hv_init_clocksource() EXPORT_SYMBOL and __init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated __init. The access to a freed symbol may end up with kernel panic. modpost used to detect it, but it has been broken for a decade. Recently, I fixed modpost so it started to warn it again, then this showed up in linux-next builds. There are two ways to fix it: - Remove __init - Remove EXPORT_SYMBOL I chose the latter for this case because the only in-tree call-site, arch/x86/kernel/cpu/mshyperv.c is never compiled as modular. (CONFIG_HYPERVISOR_GUEST is boolean)
GHSA-3pj9-f579-qchv
A Remote Code Execution (RCE) vulnerability at /admin/options in Maxsite CMS v180 allows attackers to execute arbitrary code via a crafted PHP file.
GHSA-3pj8-7wgv-fm2r
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). The supported version that is affected is 10.3.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).
GHSA-3pj7-9q5p-c6ww
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Texteller allows Reflected XSS. This issue affects Texteller: from n/a through 1.3.0.
GHSA-3pj6-pjjw-252j
The WP Booking Calendar plugin for WordPress is vulnerable to SQL Injection via the 'calendar_request_params[dates_ddmmyy_csv]' parameter in all versions up to, and including, 9.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
GHSA-3pj4-gm7q-fv5v
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. SetAutoMaint param is not object. An attacker can send an HTTP request to trigger this vulnerability.
GHSA-3pj4-6qw8-r7x8
Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 provides the MicrosoftClient.jar file containing a signed Java applet, which allows remote attackers to execute arbitrary code on client machines via unspecified vectors, aka "Poisoned Cup of Code Execution Vulnerability."
GHSA-3pj3-7wm6-rfv4
SQL injection vulnerability in ProductDetails.asp in Lotfian Request For Travel 1.0 allows remote attackers to execute arbitrary SQL commands via the PID parameter.
GHSA-3pj2-rvj5-6646
An attacker may perform a DoS attack to prevent a user from sending encrypted email to a correspondent. If an attacker creates a crafted OpenPGP key with a subkey that has an invalid self signature, and the Thunderbird user imports the crafted key, then Thunderbird may try to use the invalid subkey, but the RNP library rejects it from being used, causing encryption to fail. This vulnerability affects Thunderbird < 78.9.1.
GHSA-3pj2-86g9-6mf7
IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user with access to the package to obtain sensitive information through a directory listing.
GHSA-3pj2-6fqg-5xxm
Rejected reason: Not used
GHSA-3pj2-53jv-g287
A vulnerability, which was classified as critical, has been found in Beijing Baichuo Smart S85F Management Platform up to 20230820 on Smart. Affected by this issue is some unknown functionality of the file /sysmanage/updateos.php. The manipulation of the argument 1_file_upload leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-238628. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
GHSA-3phx-v48r-rmwc
A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow an attacker with ring0 privileges and access to the BIOS menu or UEFI shell to modify the communications buffer potentially resulting in arbitrary code execution.
GHSA-3phx-q7wc-mf8g
Buffer overflow in ircd allows arbitrary command execution.
GHSA-3phx-h87m-px77
This issue was addressed with improved entitlements. This issue is fixed in macOS Big Sur 11.5. A malicious application may be able to bypass Privacy preferences.
GHSA-3phx-gw24-fgrp
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the MPostWriteBarrier class in js/src/jit/MIR.h and stack alignment in js/src/jit/AsmJS.cpp in OdinMonkey, and unknown other vectors.
GHSA-3phw-vqfc-p5mc
Directory traversal vulnerability in a certain ActiveX control in Nessus Vulnerability Scanner 3.0.6 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the argument to the saveNessusRC method, which writes text specified by the addsetConfig method, possibly related to the SCANCTRL.ScanCtrlCtrl.1 ActiveX control in scan.dll. NOTE: this can be leveraged for code execution by writing to a Startup folder.
GHSA-3phw-rjrc-v4hm
AxiomSL's Axiom Google Web Toolkit module 9.5.3 and earlier is vulnerable to a Session Fixation attack.
GHSA-3phw-gjj5-pgh6
Cross-site request forgery (CSRF) vulnerability in IBM Leads 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before 8.5.0.7.3, 8.6.0 before 8.6.0.8.1, 9.0.0 through 9.0.0.4, 9.1.0 before 9.1.0.6.1, and 9.1.1 before 9.1.1.0.2 allows remote authenticated users to hijack the authentication of customer accounts.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
GHSA-3pjc-4g34-p4r8 Unknown vulnerability in mail for Solaris 2.6 through 9 allows local users to read the email of other users. | 0% Низкий | почти 4 года назад | ||
GHSA-3pj9-hhgf-f53q In the Linux kernel, the following vulnerability has been resolved: clocksource: hyper-v: unexport __init-annotated hv_init_clocksource() EXPORT_SYMBOL and __init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated __init. The access to a freed symbol may end up with kernel panic. modpost used to detect it, but it has been broken for a decade. Recently, I fixed modpost so it started to warn it again, then this showed up in linux-next builds. There are two ways to fix it: - Remove __init - Remove EXPORT_SYMBOL I chose the latter for this case because the only in-tree call-site, arch/x86/kernel/cpu/mshyperv.c is never compiled as modular. (CONFIG_HYPERVISOR_GUEST is boolean) | CVSS3: 5.5 | 0% Низкий | 4 месяца назад | |
GHSA-3pj9-f579-qchv A Remote Code Execution (RCE) vulnerability at /admin/options in Maxsite CMS v180 allows attackers to execute arbitrary code via a crafted PHP file. | CVSS3: 9.8 | 11% Средний | почти 4 года назад | |
GHSA-3pj8-7wgv-fm2r Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). The supported version that is affected is 10.3.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). | CVSS3: 6.5 | 1% Низкий | больше 3 лет назад | |
GHSA-3pj7-9q5p-c6ww Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Texteller allows Reflected XSS. This issue affects Texteller: from n/a through 1.3.0. | CVSS3: 7.1 | 0% Низкий | 11 месяцев назад | |
GHSA-3pj6-pjjw-252j The WP Booking Calendar plugin for WordPress is vulnerable to SQL Injection via the 'calendar_request_params[dates_ddmmyy_csv]' parameter in all versions up to, and including, 9.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. | CVSS3: 9.8 | 76% Высокий | около 2 лет назад | |
GHSA-3pj4-gm7q-fv5v A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. SetAutoMaint param is not object. An attacker can send an HTTP request to trigger this vulnerability. | CVSS3: 6.5 | 0% Низкий | почти 4 года назад | |
GHSA-3pj4-6qw8-r7x8 Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 provides the MicrosoftClient.jar file containing a signed Java applet, which allows remote attackers to execute arbitrary code on client machines via unspecified vectors, aka "Poisoned Cup of Code Execution Vulnerability." | 13% Средний | больше 3 лет назад | ||
GHSA-3pj3-7wm6-rfv4 SQL injection vulnerability in ProductDetails.asp in Lotfian Request For Travel 1.0 allows remote attackers to execute arbitrary SQL commands via the PID parameter. | 1% Низкий | почти 4 года назад | ||
GHSA-3pj2-rvj5-6646 An attacker may perform a DoS attack to prevent a user from sending encrypted email to a correspondent. If an attacker creates a crafted OpenPGP key with a subkey that has an invalid self signature, and the Thunderbird user imports the crafted key, then Thunderbird may try to use the invalid subkey, but the RNP library rejects it from being used, causing encryption to fail. This vulnerability affects Thunderbird < 78.9.1. | CVSS3: 6.5 | 0% Низкий | больше 3 лет назад | |
GHSA-3pj2-86g9-6mf7 IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user with access to the package to obtain sensitive information through a directory listing. | CVSS3: 6.5 | 0% Низкий | больше 1 года назад | |
GHSA-3pj2-6fqg-5xxm Rejected reason: Not used | около 1 месяца назад | |||
GHSA-3pj2-53jv-g287 A vulnerability, which was classified as critical, has been found in Beijing Baichuo Smart S85F Management Platform up to 20230820 on Smart. Affected by this issue is some unknown functionality of the file /sysmanage/updateos.php. The manipulation of the argument 1_file_upload leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-238628. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | CVSS3: 6.3 | 0% Низкий | больше 2 лет назад | |
GHSA-3phx-v48r-rmwc A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow an attacker with ring0 privileges and access to the BIOS menu or UEFI shell to modify the communications buffer potentially resulting in arbitrary code execution. | CVSS3: 7.5 | 0% Низкий | больше 1 года назад | |
GHSA-3phx-q7wc-mf8g Buffer overflow in ircd allows arbitrary command execution. | 1% Низкий | почти 4 года назад | ||
GHSA-3phx-h87m-px77 This issue was addressed with improved entitlements. This issue is fixed in macOS Big Sur 11.5. A malicious application may be able to bypass Privacy preferences. | 0% Низкий | больше 3 лет назад | ||
GHSA-3phx-gw24-fgrp Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the MPostWriteBarrier class in js/src/jit/MIR.h and stack alignment in js/src/jit/AsmJS.cpp in OdinMonkey, and unknown other vectors. | 1% Низкий | больше 3 лет назад | ||
GHSA-3phw-vqfc-p5mc Directory traversal vulnerability in a certain ActiveX control in Nessus Vulnerability Scanner 3.0.6 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the argument to the saveNessusRC method, which writes text specified by the addsetConfig method, possibly related to the SCANCTRL.ScanCtrlCtrl.1 ActiveX control in scan.dll. NOTE: this can be leveraged for code execution by writing to a Startup folder. | 11% Средний | почти 4 года назад | ||
GHSA-3phw-rjrc-v4hm AxiomSL's Axiom Google Web Toolkit module 9.5.3 and earlier is vulnerable to a Session Fixation attack. | CVSS3: 8.8 | 0% Низкий | больше 3 лет назад | |
GHSA-3phw-gjj5-pgh6 Cross-site request forgery (CSRF) vulnerability in IBM Leads 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before 8.5.0.7.3, 8.6.0 before 8.6.0.8.1, 9.0.0 through 9.0.0.4, 9.1.0 before 9.1.0.6.1, and 9.1.1 before 9.1.1.0.2 allows remote authenticated users to hijack the authentication of customer accounts. | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу