Количество 314 458
Количество 314 458
GHSA-2vwg-39m6-fw44
A stored cross-site scripting (XSS) vulnerability exists in the user profile text fields of Altium 365. Insufficient server-side input sanitization allows authenticated users to inject arbitrary HTML and JavaScript payloads using whitespace-based attribute parsing bypass techniques. The injected payload is persisted and executed when other users view the affected profile page, potentially allowing session token theft, phishing attacks, or malicious redirects. Exploitation requires an authenticated account and user interaction to view the crafted profile.
GHSA-2vwf-xc9m-9w4j
gpc_api.php in MantisBT 1.2.17 and earlier allows remote attackers to bypass authenticated via a password starting will a null byte, which triggers an unauthenticated bind.
GHSA-2vwf-jqh3-5vjp
Exposure of sensitive information in System UI prior to SMR Nov-2024 Release 1 allow local attackers to make malicious apps appear as legitimate.
GHSA-2vwc-94q4-mqwr
Sweex Wireless Broadband Router/Accesspoint 802.11g (LC000060) allows remote attackers to obtain sensitive information and gain privileges by using TFTP to download the nvram file, then extracting the username, password, and other data from the file.
GHSA-2vw9-m8gq-4436
In JetBrains TeamCity before 2019.1.5, some server-stored passwords could be shown via the web UI.
GHSA-2vw8-r286-4wvc
An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Keyboard Suggestions" component. It allows attackers to obtain sensitive information by reading keyboard autocorrect suggestions.
GHSA-2vw7-qgh3-r4pc
An issue was discovered in the Widgets extension through 1.4.0 for MediaWiki. Improper title sanitization allowed for the execution of any wiki page as a widget (as defined by this extension) via MediaWiki's {{#widget:}} parser function.
GHSA-2vw7-pgw6-fj2h
SQL injection vulnerability in headeruserdata.php in Visual Shapers ezContents 2.0.3 allows remote attackers to execute arbitrary SQL commands via the groupname parameter.
GHSA-2vw7-9m84-rphf
Multiple buffer overflows in squidGuard 1.4 allow remote attackers to bypass intended URL blocking via a long URL, related to (1) the relationship between a certain buffer size in squidGuard and a certain buffer size in Squid and (2) a redirect URL that contains information about the originally requested URL.
GHSA-2vw7-5jhc-pc89
Authenticated SQL Injection (SQLi) vulnerability in Mufeng's Hermit ????? plugin <= 3.1.6 on WordPress allows attackers with Subscriber or higher user roles to execute SQLi attack via (&ids).
GHSA-2vw6-vp5j-cgp9
finger .@host on some systems may print information on some user accounts.
GHSA-2vw6-5f85-h22m
Reference to Expired Domain Vulnerability in OpenText™ ArcSight Enterprise Security Manager.
GHSA-2vw5-8fhm-cvqc
TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a stack overflow in the Form_Login function. This vulnerability allows attackers to cause a Denial of Service (DoS) via the flag parameter.
GHSA-2vw5-8crq-9vmf
The ext4_isize function in fs/ext4/ext4.h in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 uses the i_size_high structure member during operations on arbitrary types of files, which allows local users to cause a denial of service (CPU consumption and error-message flood) by attempting to mount a crafted ext4 filesystem.
GHSA-2vw4-j4g8-m4r4
Multiple cross-site scripting (XSS) vulnerabilities in index.php in NC LinkList 1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) cat and (2) view parameters.
GHSA-2vw3-r555-jwcc
Unauthenticated denial of service
GHSA-2vw2-h5mp-gfhw
Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Codenomicon XML fuzzing framework.
GHSA-2vw2-587w-g9v6
Improper limitation of path names in Veeam Backup & Replication 9.5U3, 9.5U4,10.x, and 11.x allows remote authenticated users access to internal API functions that allows attackers to upload and execute arbitrary code.
GHSA-2vvx-6336-xm8p
A weakness has been identified in CodeAstro Gym Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/equipment-entry.php. Executing manipulation of the argument ename can lead to sql injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be exploited.
GHSA-2vvx-5g27-9gvj
The Active Directory Integration / LDAP Integration WordPress plugin before 4.1.10 stores sensitive LDAP logs in a buffer file when an administrator wants to export said logs. Unfortunately, this log file is never removed, and remains accessible to any users knowing the URL to do so.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
GHSA-2vwg-39m6-fw44 A stored cross-site scripting (XSS) vulnerability exists in the user profile text fields of Altium 365. Insufficient server-side input sanitization allows authenticated users to inject arbitrary HTML and JavaScript payloads using whitespace-based attribute parsing bypass techniques. The injected payload is persisted and executed when other users view the affected profile page, potentially allowing session token theft, phishing attacks, or malicious redirects. Exploitation requires an authenticated account and user interaction to view the crafted profile. | CVSS3: 7.6 | 0% Низкий | 24 дня назад | |
GHSA-2vwf-xc9m-9w4j gpc_api.php in MantisBT 1.2.17 and earlier allows remote attackers to bypass authenticated via a password starting will a null byte, which triggers an unauthenticated bind. | 0% Низкий | больше 3 лет назад | ||
GHSA-2vwf-jqh3-5vjp Exposure of sensitive information in System UI prior to SMR Nov-2024 Release 1 allow local attackers to make malicious apps appear as legitimate. | CVSS3: 4 | 0% Низкий | больше 1 года назад | |
GHSA-2vwc-94q4-mqwr Sweex Wireless Broadband Router/Accesspoint 802.11g (LC000060) allows remote attackers to obtain sensitive information and gain privileges by using TFTP to download the nvram file, then extracting the username, password, and other data from the file. | 1% Низкий | почти 4 года назад | ||
GHSA-2vw9-m8gq-4436 In JetBrains TeamCity before 2019.1.5, some server-stored passwords could be shown via the web UI. | 0% Низкий | больше 3 лет назад | ||
GHSA-2vw8-r286-4wvc An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Keyboard Suggestions" component. It allows attackers to obtain sensitive information by reading keyboard autocorrect suggestions. | CVSS3: 5.3 | 0% Низкий | больше 3 лет назад | |
GHSA-2vw7-qgh3-r4pc An issue was discovered in the Widgets extension through 1.4.0 for MediaWiki. Improper title sanitization allowed for the execution of any wiki page as a widget (as defined by this extension) via MediaWiki's {{#widget:}} parser function. | 0% Низкий | больше 3 лет назад | ||
GHSA-2vw7-pgw6-fj2h SQL injection vulnerability in headeruserdata.php in Visual Shapers ezContents 2.0.3 allows remote attackers to execute arbitrary SQL commands via the groupname parameter. | 2% Низкий | почти 4 года назад | ||
GHSA-2vw7-9m84-rphf Multiple buffer overflows in squidGuard 1.4 allow remote attackers to bypass intended URL blocking via a long URL, related to (1) the relationship between a certain buffer size in squidGuard and a certain buffer size in Squid and (2) a redirect URL that contains information about the originally requested URL. | 2% Низкий | почти 4 года назад | ||
GHSA-2vw7-5jhc-pc89 Authenticated SQL Injection (SQLi) vulnerability in Mufeng's Hermit ????? plugin <= 3.1.6 on WordPress allows attackers with Subscriber or higher user roles to execute SQLi attack via (&ids). | CVSS3: 8.8 | 0% Низкий | почти 4 года назад | |
GHSA-2vw6-vp5j-cgp9 finger .@host on some systems may print information on some user accounts. | 0% Низкий | почти 4 года назад | ||
GHSA-2vw6-5f85-h22m Reference to Expired Domain Vulnerability in OpenText™ ArcSight Enterprise Security Manager. | 0% Низкий | 10 месяцев назад | ||
GHSA-2vw5-8fhm-cvqc TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a stack overflow in the Form_Login function. This vulnerability allows attackers to cause a Denial of Service (DoS) via the flag parameter. | CVSS3: 7.5 | 0% Низкий | около 4 лет назад | |
GHSA-2vw5-8crq-9vmf The ext4_isize function in fs/ext4/ext4.h in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 uses the i_size_high structure member during operations on arbitrary types of files, which allows local users to cause a denial of service (CPU consumption and error-message flood) by attempting to mount a crafted ext4 filesystem. | 0% Низкий | почти 4 года назад | ||
GHSA-2vw4-j4g8-m4r4 Multiple cross-site scripting (XSS) vulnerabilities in index.php in NC LinkList 1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) cat and (2) view parameters. | 1% Низкий | почти 4 года назад | ||
GHSA-2vw3-r555-jwcc Unauthenticated denial of service | CVSS3: 7.5 | 1% Низкий | около 3 лет назад | |
GHSA-2vw2-h5mp-gfhw Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Codenomicon XML fuzzing framework. | CVSS3: 6.5 | 0% Низкий | почти 4 года назад | |
GHSA-2vw2-587w-g9v6 Improper limitation of path names in Veeam Backup & Replication 9.5U3, 9.5U4,10.x, and 11.x allows remote authenticated users access to internal API functions that allows attackers to upload and execute arbitrary code. | CVSS3: 8.8 | 20% Средний | почти 4 года назад | |
GHSA-2vvx-6336-xm8p A weakness has been identified in CodeAstro Gym Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/equipment-entry.php. Executing manipulation of the argument ename can lead to sql injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be exploited. | CVSS3: 6.3 | 0% Низкий | 4 месяца назад | |
GHSA-2vvx-5g27-9gvj The Active Directory Integration / LDAP Integration WordPress plugin before 4.1.10 stores sensitive LDAP logs in a buffer file when an administrator wants to export said logs. Unfortunately, this log file is never removed, and remains accessible to any users knowing the URL to do so. | CVSS3: 7.5 | 76% Высокий | больше 2 лет назад |
Уязвимостей на страницу