[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

254492

 
 

909

 
 

198541

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 252727 Download | Alert*

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in GrandSlambert Login Configurator plugin <=��2.1 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Didier Sampaolo SpamReferrerBlock plugin <=��2.22 versions.

Cross-Site Request Forgery (CSRF) vulnerability in Dylan James Zephyr Project Manager plugin <=��3.3.93 versions.

An issue was discovered in Progress DataDirect Connect for ODBC before 08.02.2770 for Oracle. When using Oracle Advanced Security (OAS) encryption, if an error is encountered initializing the encryption object used to encrypt data, the code falls back to a different encryption mechanism that uses an insecure random number generator to generate the private key. It is possible for a well-placed atta ...

A buffer overflow was discovered in Progress DataDirect Connect for ODBC before 08.02.2770 for Oracle. An overly large value for certain options of a connection string may overrun the buffer allocated to process the string value. This allows an attacker to execute code of their choice on an affected host by copying carefully selected data that will be executed as code.

Windows 7 is vulnerable to a full blind TCP/IP hijacking attack. The vulnerability exists in Windows 7 (any Windows until Windows 8) and in any implementation of TCP/IP, which is vulnerable to the Idle scan attack (including many IoT devices). NOTE: The vendor considers this a low severity issue.

ASUS RT-AX88U's httpd is subject to an unauthenticated DoS condition. A remote attacker can send a specially crafted request to a device which contains a specific user agent, causing the httpd binary to crash during a string comparison performed within web.c, resulting in a DoS condition.

ASUS RT-AX88U's httpd is subject to an unauthenticated DoS condition. A remote attacker can send a specially crafted request to the device which causes the httpd binary to crash within the "do_json_decode()" function of ej.c, resulting in a DoS condition.

Xpdf 4.04 will deadlock on a PDF object stream whose "Length" field is itself in another object stream.

A stored cross-site scripting (XSS) issue was discovered within the Custom User Icons functionality of ASUS RT-AX88U running firmware versions 3.0.0.4.388.23110 and prior.�� After a remote attacker logging in device with regular user privilege, the remote attacker can perform a Stored Cross-site Scripting (XSS) attack by uploading image which containing JavaScript code.


Pages:      Start    24566    24567    24568    24569    24570    24571    24572    24573    24574    24575    24576    24577    24578    24579    ..   25272

© SecPod Technologies