The host is installed with Apache CouchDB before 1.0.4, 1.1.x before 1.1.2 or 1.2.x before 1.2.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle differences issue in Erlang-based JSON parser and JavaScript-based JSON parser. Successful exploitation could allow attackers to bypass certain restrictions and gain elevated privilege ...
The host is installed with Apache CouchDB before 1.0.4, 1.1.x before 1.1.2 or 1.2.x before 1.2.1 and is prone to a cross-site scripting (XSS) vulnerability. A flaw is present in the application, which fails to handle a issue in Futon UI. Successful exploitation could allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to the browser-based test suite.
The host is installed with Bamboo CI server before 6.2.3 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in the plan configure branches resource. Successful exploitation could allow attackers to inject arbitrary HTML or JavaScript via a cross site scripting vulnerability through the name of a branch.
The host is installed with Zoho ManageEngine ADSelfService Plus before build 6104 and is prone to a stored XSS vulnerability. A flaw is present in the application, which does not properly handle the e-mail address field. Successful exploitation allows stored XSS on the /webclient/index.html#/directory-search user search page.
The host is installed with IBM DB2 11.1 before 11.1.4FP6 or 11.5 before 11.5.5FP1 and is prone to a denial of service vulnerability. A flaw is present in the application which fails to handle a specifically crafted select statement. Successful exploitation allows an attacker to terminate the server abnormally.
The host is installed with PHP 5.4.3 or earlier and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to handle crafted arguments that trigger incorrect handling of COM object VARIANT types. Successful exploitation allows remote attackers to execute arbitrary code.
The host is installed with Telegram Desktop before 1.5.12 and is prone to an IDN homograph attack vulnerability. A flaw is present in the application, which fails to handle issues in character representation in fonts. Successful exploitation allows attackers to cause script spoofing attacks.
The host is installed with Apache CouchDB 1.x before 2.2.0 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle the validation issue in administrator-supplied configuration settings. Successful exploitation could allow attackers to escalate their privileges to that of the operating system's user under which CouchDB runs, by bypassing the ...
The host is installed with BSplayer Free 2.51 Build 1022 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle the skin parameter in the options section of a skins file (.bsi). Successful exploitation could allow remote attackers to execute arbitrary code.
The host is installed with BSplayer Free 2.32 Build 975 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle the boundary checks issue on user-supplied input. Successful exploitation could allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long hostname in a .bsl playlist file.