IBM Sterling B2B Integrator Standard Edition 5.2.0.1 – 5.2.6.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading...
IBM API Connect 5.0.0.0-5.0.8.3 Developer Portal does not enforce Two Factor Authentication (TFA) while resetting a user password but enforces it for all other login scenarios. IBM X-Force ID: 144483. Date published : 2018-07-31...
In Kamailio before 5.0.7 and 5.1.x before 5.1.4, a crafted SIP message with a double "To" header and an empty "To" tag causes a segmentation fault and crash. The reason is missing input validation...
Redgate .NET Reflector before 10.0.7.774 and SmartAssembly before 6.12.5 allow attackers to execute code by decompiling a compiled .NET object (such as a DLL or EXE file) with a specific embedded resource file. Date...
read_tmp and write_tmp in Inteno IOPSYS allow attackers to gain privileges after writing to /tmp/etc/smb.conf because /var is a symlink to /tmp. Date published : 2018-07-31 https://www.exploit-db.com/exploits/45089/ https://neonsea.uk/blog/2018/07/21/tmp-to-rce.html
In the Federation component of OpenStack Keystone before 11.0.4, 12.0.0, and 13.0.0, an authenticated "GET /v3/OS-FEDERATION/projects" request may bypass intended access restrictions on listing projects. An authenticated user may discover projects they have no...
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or...
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or...
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or...
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or...
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or...
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open...
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.1.0.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or...
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.1.0.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or...