Dell EMC Isilon OneFS versions 8.1.2, 8.1.0.4, 8.1.0.3, and 8.0.0.7 contain a vulnerability in some configurations. An attacker may exploit this vulnerability to gain access to restricted files. The non-RAN HTTP and WebDAV file-serving...
Dell EMC ECS versions prior to 3.4.0.1 contain an XSS vulnerability. A remote authenticated malicious user could exploit this vulnerability to store malicious HTML or JavaScript code in a trusted application data store. When...
A NULL pointer dereference flaw was found in the way LibVNCServer before 0.9.9 handled certain ClientCutText message. A remote attacker could use this flaw to crash the VNC server by sending a specially crafted...
Coppermine gallery before 1.4.26 has an input validation vulnerability that allows for code execution. Date published : 2020-02-05 https://forum.coppermine-gallery.net/index.php/topic,63510.0.html https://seclists.org/oss-sec/2010/q1/121
PmWiki before 2.2.21 has XSS. Date published : 2020-02-05 https://packetstormsecurity.com/files/cve/CVE-2010-4662 https://www.openwall.com/lists/oss-security/2011/02/23/23
OpenVAS Manager v2.0.3 allows plugin remote code execution. Date published : 2020-02-05 https://www.openwall.com/lists/oss-security/2011/04/20/5
SAP NetWeaver 7.0 allows Remote Code Execution and Denial of Service caused by an error in the DiagTraceHex() function. By sending a specially-crafted packet, an attacker could exploit this vulnerability to cause the application...
Joomla! 1.6.0 is vulnerable to SQL Injection via the filter_order and filer_order_Dir parameters. Date published : 2020-02-05 https://packetstormsecurity.com/files/101835/Joomla-1.6.0-SQL-Injection.html https://www.openwall.com/lists/oss-security/2011/03/14/21
bbPress through 1.0.2 has XSS in /bb-login.php url via the re parameter. Date published : 2020-02-05 https://www.openwall.com/lists/oss-security/2011/03/14/20
PHPShop through 0.8.1 has XSS. Date published : 2020-02-05 https://www.openwall.com/lists/oss-security/2011/02/28/9
Vanilla Forums 2.0.17.1 through 2.0.17.5 has XSS in /vanilla/index.php via the p parameter. Date published : 2020-02-05 https://www.openwall.com/lists/oss-security/2011/02/22/14
Batavi before 1.0 has CSRF. Date published : 2020-02-05 https://packetstormsecurity.com/files/cve/CVE-2011-0525 https://www.openwall.com/lists/oss-security/2011/01/27/3
Apple Bonjour before 2011 allows a crash via a crafted multicast DNS packet. Date published : 2020-02-05 https://opensource.apple.com/source/mDNSResponder/mDNSResponder-541/mDNSPosix/ReadMe.txt
Cisco Linksys E4200 1.0.05 Build 7 devices contain a Clickjacking Vulnerability which allows remote attackers to obtain sensitive information. Date published : 2020-02-05 http://www.securityfocus.com/bid/59717 http://packetstormsecurity.com/files/121551/Cisco-Linksys-E4200-Cross-Site-Scripting-Local-File-Inclusion.html