... weiterlesen

An issue was discovered in the _send_secure_msg() function of Yubico yubihsm-shell through 2.0.3. The function does not correctly validate the embedded... weiterlesen

JPA Server in HAPI FHIR before 5.4.0 allows a user to deny service (e.g., disable access to the database after the attack stops) via history requests.... weiterlesen

An out-of-bounds write vulnerability exists in the import_stl.cc:import_stl() functionality of Openscad openscad-2020.12-RC2. A specially crafted STL file... weiterlesen

An exploitable SQL injection vulnerability exists in ‘manageServiceStocks.jsp’ page of OpenClinic GA 5.173.3. A specially crafted HTTP request... weiterlesen

OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI... weiterlesen

Cross Site Scripting (XSS) in Hotels_Server v1.0 allows remote attackers to execute arbitrary code by injecting crafted commands the data fields in the... weiterlesen

Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the log directory (owned by a non-root user), a symlink... weiterlesen

Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the spool directory (owned by a non-root user), an... weiterlesen

... weiterlesen

Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. Local users can alter the behavior of root processes because a recipient address can... weiterlesen

Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. The -oP option is available to the exim user, and allows a denial of service because... weiterlesen

A number of exploitable SQL injection vulnerabilities exists in ‘patientslist.do’ page of OpenClinic GA 5.173.3 application. The findSector... weiterlesen

A number of exploitable SQL injection vulnerabilities exists in ‘patientslist.do’ page of OpenClinic GA 5.173.3 application. The findDistrict... weiterlesen

WarnSystem is a cog (plugin) for the Red discord bot. A vulnerability has been found in the code that allows any user to access sensible informations by... weiterlesen

A Cross Site Request Forgery (CSRF) vulnerability exists in PHPOK 5.2.060 via admin.php?c=admin&f=save, which could let a remote malicious user execute... weiterlesen

Exim 4 before 4.94.2 allows Out-of-bounds Read because pdkim_finish_bodyhash does not validate the relationship between sig->bodyhash.len and b->bh.len;... weiterlesen

... weiterlesen

Exim 4 before 4.94.2 has Improper Initialization that can lead to recursion-based stack consumption or other consequences. This occurs because use of certain... weiterlesen

Exim 4 before 4.94.2 has Improper Restriction of Write Operations within the Bounds of a Memory Buffer. This occurs when processing name=value pairs within... weiterlesen

Exim 4 before 4.92 allows Integer Overflow to Buffer Overflow, in which an unauthenticated remote attacker can execute arbitrary code by leveraging the... weiterlesen

Exim 4 before 4.94.2 allows Buffer Underwrite that may result in unauthenticated remote attackers executing arbitrary commands, because smtp_ungetc was... weiterlesen

Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow in receive_add_recipient via an e-mail message with fifty million recipients. NOTE: remote... weiterlesen

... weiterlesen

Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. An authenticated remote SMTP client can insert newline characters into a spool file... weiterlesen

... weiterlesen

An information disclosure vulnerability exists in the /proc/pid/syscall functionality of Linux Kernel 5.1 Stable and 5.4.66. More specifically, this issue... weiterlesen

Openapi generator is a java tool which allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically... weiterlesen

... weiterlesen

An exploitable SQL injection vulnerability exists in ‘quickFile.jsp’ page of OpenClinic GA 5.173.3. A specially crafted HTTP request can lead... weiterlesen

A number of exploitable SQL injection vulnerabilities exists in ‘patientslist.do’ page of OpenClinic GA 5.173.3 application. The findPersonID... weiterlesen

... weiterlesen

... weiterlesen

IBM Control Desk 7.6.1.2 and 7.6.1.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web... weiterlesen

Ticketer is a command based ticket system cog (plugin) for the red discord bot. A vulnerability allowing discord users to expose sensitive information... weiterlesen

IBM Cloud Pak for Security (CP4S) 1.5.0.0 and 1.5.0.1 could allow a user to obtain sensitive information or perform actions they should not have access... weiterlesen

IBM Cloud Pak for Security (CP4S) 1.5.0.0 and 1.5.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript... weiterlesen

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.3.37598. A specially crafted PDF document... weiterlesen

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA due to lack of a reference providing provenance.... weiterlesen

An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client... weiterlesen

Found no DMARC and DNS record on mcuboot.com . I am also able to send an email to me on your behalf . The mail sent didnot even landed in spam folder which... weiterlesen

A vulnerability was found in Adobe Flash Player up to 11.7.700.169 (Multimedia Player Software). It has been classified as very critical. Affected is some... weiterlesen

A vulnerability was found in Adobe Flash Player up to 11.7.700.169 (Multimedia Player Software) and classified as very critical. This issue affects an... weiterlesen

A vulnerability has been found in Adobe Flash Player up to 11.7.700.169 (Multimedia Player Software) and classified as very critical. This vulnerability... weiterlesen

A vulnerability, which was classified as very critical, was found in Adobe Flash Player up to 11.7.700.169 (Multimedia Player Software). This affects some... weiterlesen

A vulnerability, which was classified as very critical, has been found in Adobe Flash Player up to 11.7.700.169 (Multimedia Player Software). Affected... weiterlesen

A vulnerability classified as very critical was found in Adobe Flash Player up to 11.7.700.169 (Multimedia Player Software). Affected by this vulnerability... weiterlesen

A vulnerability classified as very critical has been found in Adobe Flash Player up to 11.7.700.169 (Multimedia Player Software). Affected is an unknown... weiterlesen

A vulnerability was found in Adobe Flash Player up to 11.7.700.169 (Multimedia Player Software). It has been rated as critical. This issue affects some... weiterlesen

... weiterlesen