Vulmon Vulnerability Feed

@VulmonFeeds

Vulnerability Feed Bot | Follow for human-controlled account

Vrijeme pridruživanja: prosinac 2017.

Tweetovi

Blokirali ste korisnika/cu @VulmonFeeds

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @VulmonFeeds

  1. CVE-2010-0738 The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for th...

    Poništi
  2. CVE-2010-3856 in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_AUDIT environment variable to reference dynamic shared objects (DSOs) ...

    Poništi
  3. CVE-2015-3193 The Montgomery squaring implementation in crypto/bn/asm/x86_64-mont5.pl in OpenSSL 1.0.2 before 1.0.2e on the x86_64 platform, as used by the BN_mod_exp function, mishandles carry propagation and prod...

    Poništi
  4. CVE-2017-7668 The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously ...

    Poništi
  5. CVE-2018-6947 An uninitialised stack variable in the nxfuse component that is part of the Open Source DokanFS library shipped with NoMachine 6.0.66_2 and earlier allows a local low privileged user to gain elevation...

    Poništi
  6. CVE-2019-13126 An integer overflow in NATS Server before 2.0.2 allows a remote attacker to crash the server by sending a crafted request. If authentication is enabled, then the remote attacker must have first authe...

    Poništi
  7. CVE-2018-17246 Kibana versions before 6.4.3 and 5.6.13 contain an arbitrary file inclusion flaw in the Console plugin. An attacker with access to the Kibana Console API could send a request that will attempt to exe...

    Poništi
  8. CVE-2019-7609 Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion application could send a request that will attempt ...

    Poništi
  9. CVE-2018-19518 University of Washington IMAP Toolkit 2007f on UNIX, as used in imap_open() in PHP and other products, launches an rsh command (by means of the imap_rimap function in c-client/imap4r1.c and the tcp_a...

    Poništi
  10. CVE-2015-2802 An Information Disclosure vulnerability exists in HP SiteScope 11.2 and 11.3 on Windows, Linux and Solaris, HP Asset Manager 9.30 through 9.32, 9.40 through 9.41, 9.50, and Asset Manager Cloudsystem C...

    Poništi
  11. CVE-2019-10786 network-manager through 1.0.2 allows remote attackers to execute arbitrary commands via the "execSync()" argument.

    Poništi
  12. CVE-2019-10788 im-metadata through 3.0.1 allows remote attackers to execute arbitrary commands via the "exec" argument. It is possible to inject arbitrary commands as part of the metadata options which is given to ...

    Poništi
  13. CVE-2019-12528 An issue was discovered in Squid before 4.10. It allows a crafted FTP server to trigger disclosure of sensitive information from heap memory, such as information associated with other users' ses...

    Poništi
  14. CVE-2019-10787 im-resize through 2.3.2 allows remote attackers to execute arbitrary commands via the "exec" argument. The cmd argument used within index.js, can be controlled by user without any sanitization.

    Poništi
  15. CVE-2015-3612 A Cross-site Scripting (XSS) vulnerability exists in FortiManager 5.2.1 and earlier and 5.0.10 and earlier via an unspecified parameter in the FortiWeb auto update service page.

    Poništi
  16. CVE-2020-6059 An exploitable out of bounds read vulnerability exists in the way MiniSNMPD version 1.4 parses incoming SNMP packets. A specially crafted SNMP request can trigger an out of bounds memory read which ca...

    Poništi
  17. CVE-2020-8121 A bug in Nextcloud Server 14.0.4 could expose more data in reshared link shares than intended by the sharer.

    Poništi
  18. CVE-2020-8124 Insufficient validation and sanitization of user input exists in url-parse npm package version 1.4.4 and earlier may allow attacker to bypass security checks.

    Poništi
  19. CVE-2019-15622 Not strictly enough sanitization in the Nextcloud Android app 3.6.0 allowed an attacker to get content information from protected tables when using custom queries.

    Poništi
  20. CVE-2019-15616 Dangling remote share attempts in Nextcloud 16 allow a DNS pollution when running long.

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·