Nagios XI 5.7.3 SQL Injection
Nagios XI version 5.7.3 suffers from multiple remote SQL injection vulnerabilities.
QRadar RemoteJavaScript Deserialization
A Java deserialization vulnerability exists in the QRadar RemoteJavaScript Servlet. An authenticated user can call one of the vulnerable methods and cause the Servlet to deserialize arbitrary objects....
Online Student's Management System 1.0 Shell Upload
Online Student's Management System version 1.0 suffers from a remote shell upload vulnerability.
Online Discussion Forum Site 1.0 Cross Site Scripting
Online Discussion Forum Site version 1.0 suffers from a cross site scripting vulnerability.
OX App Suite / OX Documents 7.10.3 XSS / Server-Side Request Forgery
OX App Suite and OX Documents versions 7.10.3 and some prior versions suffer from information exposure, server-side request forgery, and cross site scripting vulnerabilities.
Online Job Portal 1.0 Cross Site Scripting
Online Job Portal version 1.0 suffers from a persistent cross site scripting vulnerability.
Chrome XRSystem::FocusedFrameChanged and...
Chrome suffers from a use-after-free vulnerability in XRSystem::FocusedFrameChanged and FocusController::NotifyFocusChangedObservers.
HiSilicon Video Encoder 1.97 File Disclosure / Path Traversal
HiSilicon Video Encoder versions up to 1.97 suffer from a path traversal vulnerability that allows for file disclosure.
ReQuest Serious Play Media Player 3.0 File Disclosure / Path Traversal
ReQuest Serious Play Media Player version 3.0 suffers from an unauthenticated file disclosure vulnerability when input passed through the file parameter in tail.html and file.html script is not...
HiSilicon Video Encoder Command Injection
HiSilicon Video Encoder suffers from a remote command injection vulnerability. Versions affected are vendor specific.
ReQuest Serious Play F3 Media Server 7.0.3 Debug Log Disclosure
ReQuest Serious Play F3 Media Server version 7.0.3 suffers from a debug log disclosure vulnerability. An unauthenticated attacker can visit the message_log page and disclose the webserver's Python...
HiSilicon Video Encoder Malicious Firmware Code Execution
HiSilicon Video Encoder suffers from a remote code execution vulnerability via an unauthenticated upload of malicious firmware. Versions affected are vendor specific.
Red Hat Security Advisory 2020-4272-01
Red Hat Security Advisory 2020-4272-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include...
HiSilicon Video Encoder Backdoor Password
HiSilicon Video Encoder allows for full administrative access via a backdoor password. Versions affected are vendor specific.
ReQuest Serious Play F3 Media Server 7.0.3 Denial Of Service
ReQuest Serious Play F3 Media Server version 7.0.3 suffers from a denial of service vulnerability. The device can be shut down or rebooted by an unauthenticated attacker when issuing one HTTP GET request.
Jenkins 2.63 Sandbox Bypass
Jenkins version 2.63 suffers from a sandbox bypass vulnerability.
Red Hat Security Advisory 2020-4274-01
Red Hat Security Advisory 2020-4274-01 - The Apache Commons Collections library provides new interfaces, implementations, and utilities to extend the features of the Java Collections Framework. Issues...
HiSilicon Video Encoder Buffer Overflow / Denial Of Service
HiSilicon Video Encoder suffers from an unauthenticated RTSP buffer overflow vulnerability that can cause a denial of service condition.
FRITZ!Box 7.20 DNS Rebinding Protection Bypass
FRITZ!Box versions 7.20 and below suffer from a DNS rebinding protection bypass vulnerability.