Hírolvasó

Rite CMS 3.0 has Multiple Cross-Site scripting (XSS) vulnerabilities that allow attackers to execute arbitrary code via a crafted payload into the Main Menu Items in the Administration Menu.

Rite CMS 3.0 has a Cross-Site scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload into the Global Content Blocks in the Administration Menu.

A Cross-site scripting (XSS) vulnerability in Reference ID from the panel Transactions, of Subrion v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into 'Reference ID' parameter.

A flaw was found in libnbd. A server can reply with a block size larger than 2^63 (the NBD spec states the size is a 64-bit unsigned value). This issue could lead to an application crash or other unintended behavior for NBD clients that doesn't treat the return value of the nbd_get_size() function correctly.

A Cross Site Scripting (XSS) vulnerability in e017 CMS v.2.3.2 allows a local attacker to execute arbitrary code via a crafted script to the Name filed in the Manage Menu.

Multiple Cross Site Scripting (XSS) vulnerability in e017 CMS v.2.3.2 allows a local attacker to execute arbitrary code via a crafted script to the Copyright and Author fields in the Meta & Custom Tags Menu.

A File upload vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to upload a pdf file with hidden Cross Site Scripting (XSS).

A File upload vulnerability in WBCE v.1.6.1 allows a local attacker to upload a pdf file with hidden Cross Site Scripting (XSS).

D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formLanguageChange function.

D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formSetWanDhcpplus function.

D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formSetWAN_Wizard55 function.

D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formSetWanPPTP function.

D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formSetWAN_Wizard7 function.

D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formSetWanL2TP function.

D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via websGetVar function.

A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP can lead to a kernel panic due to the invocation of `__ip_set_put` on a wrong `set`. This issue may allow a local user to crash the system.