[Forgot Password]
Login  Register Subscribe

24547

 
 

132805

 
 

131373

 
 

909

 
 

108481

 
 

152

 
 
Paid content will be excluded from the download.

Filter
Matches : 852 Download | Alert*

The host is installed with kibana before 5.6.15 or 6.x before 6.6.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle a issue in the timelion visualizer. Successful exploitation allows attackers to execute arbitrary commands with permissions of the kibana process on the host system.

The host is installed with kibana before 5.6.15 or 6.x before 6.6.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle a issue in the timelion visualizer. Successful exploitation allows attackers to execute arbitrary commands with permissions of the kibana process on the host system.

The host is installed with kibana before 6.6.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle a issue in the security audit logger. Successful exploitation allows attackers to execute arbitrary commands with permissions of the kibana process on the host system.

The host is installed with kibana before 5.6.15 or 6.x before 6.6.1 and is prone to a cross-site scripting (XSS) vulnerability. A flaw is present in the application, which fails to handle a issue in unspecified vectors. Successful exploitation allows attackers to obtain sensitive information from or perform destructive actions on behalf of other kibana users.

The host is installed with kibana before 5.6.15 or 6.x before 6.6.1 and is prone to a cross-site scripting (XSS) vulnerability. A flaw is present in the application, which fails to handle a issue in unspecified vectors. Successful exploitation allows attackers to obtain sensitive information from or perform destructive actions on behalf of other kibana users.

Tracker PDF-XChange Editor before 8.0.330.0 has an NTLM SSO hash theft vulnerability using crafted FDF or XFDF files (a related issue to CVE-2018-4993). For example, an NTLM hash is sent for a link to \\192.168.0.2\C$\file.pdf without user interaction.

Craft CMS before 3.3.8 has stored XSS via a name field. This field is mishandled during site deletion.

The host is installed with Python 2.x through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9 or 3.7.x through 3.7.4 and is prone to a security bypass vulnerability. The flaw is present in the application, which fails to properly handle an issue in parsing email addresses. Successful exploitation allows attackers to trick the application into accepting an email address that should be denied.

Functions/EWD_UFAQ_Import.php in the ultimate-faqs plugin through 1.8.24 for WordPress allows unauthenticated options import.

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Administration module by an Admin user.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   85

© SecPod Technologies