A cross-site scripting (XSS) vulnerability in flickrRSS.php in the flickrRSS plugin 5.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the flickrRSS_tags parameter to wp-admin/options-general.php. Date published : 2018-02-06...
A cross-site scripting (XSS) vulnerability in flickrRSS.php in the flickrRSS plugin 5.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the flickrRSS_id parameter to wp-admin/options-general.php. Date published : 2018-02-06...
The flickrRSS plugin 5.3.1 for WordPress has CSRF via wp-admin/options-general.php. Date published : 2018-02-06 https://github.com/AntsKnows/CVE/blob/master/WP_Plugin_Flickr-rss
A cross-site scripting (XSS) vulnerability in flickrRSS.php in the flickrRSS plugin 5.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the flickrRSS_set parameter to wp-admin/options-general.php. Date published : 2018-02-06...
In WordPress through 4.9.2, unauthenticated attackers can cause a denial of service (resource consumption) by using the large list of registered .js files (from wp-includes/script-loader.php) to construct a series of requests to load every...
WebConsole Cross-Site Scripting in Kaspersky Secure Mail Gateway version 1.1. Date published : 2018-02-06 https://support.kaspersky.com/vulnerability.aspx?el=12430#010218 https://www.coresecurity.com/advisories/kaspersky-secure-mail-gateway-multiple-vulnerabilities
Local Privilege Escalation in Kaspersky Secure Mail Gateway version 1.1. Date published : 2018-02-06 https://support.kaspersky.com/vulnerability.aspx?el=12430#010218 https://www.coresecurity.com/advisories/kaspersky-secure-mail-gateway-multiple-vulnerabilities
Configuration file injection leading to Code Execution as Root in Kaspersky Secure Mail Gateway version 1.1. Date published : 2018-02-06 https://support.kaspersky.com/vulnerability.aspx?el=12430#010218 https://www.coresecurity.com/advisories/kaspersky-secure-mail-gateway-multiple-vulnerabilities
Cross-site Request Forgery leading to Administrative account takeover in Kaspersky Secure Mail Gateway version 1.1. Date published : 2018-02-06 https://support.kaspersky.com/vulnerability.aspx?el=12430#010218 https://www.coresecurity.com/advisories/kaspersky-secure-mail-gateway-multiple-vulnerabilities
A uncontrolled search path element issue was discovered in Vyaire Medical CareFusion Upgrade Utility used with Windows XP systems, Versions 2.0.2.2 and prior versions. A successful exploit of this vulnerability requires the local user...
A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player handling of listener objects. A successful attack...
A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player’s quality of service functionality. A successful attack...
In Apache Allura before 1.8.0, unauthenticated attackers may retrieve arbitrary files through the Allura web application. Some webservers used with Allura, such as Nginx, Apache/mod_wsgi or paster may prevent the attack from succeeding. Others,...
The routed daemon in FreeBSD 9.3 before 9.3-RELEASE-p22, 10.2-RC2 before 10.2-RC2-p1, 10.2-RC1 before 10.2-RC1-p2, 10.2 before 10.2-BETA2-p3, and 10.1 before 10.1-RELEASE-p17 allows remote authenticated users to cause a denial of service (assertion failure and...