Cross-site Scripting (XSS) - Generic in GitHub repository nuxt/framework prior to -.Read More ...
Continue Reading
August 30, 2022
The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections.Read More ...
Continue Reading
August 30, 2022
All versions of package x-data-spreadsheet are vulnerable to Cross-site Scripting (XSS) due to missing sanitization of values inserted into the cells.Read More ...
Continue Reading
August 30, 2022
The package sanitize-html before 2.7.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure global regular expression replacement logic of HTML comment removal.Read More ...
Continue Reading
August 30, 2022
Le-yan Personnel and Salary Management System has hard-coded database account and password within the website source code. An unauthenticated remote attacker can access, modify system data or disrupt ...
Continue Reading
August 30, 2022
OAKlouds Portal websites Meeting Room has insufficient validation for user input. A remote attacker with general user privilege can perform SQL-injection to access, modify, delete database, perform ...
Continue Reading
August 30, 2022
telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. In a typical installation, the telnetd application wo ...
Continue Reading
August 30, 2022
res_pjsip_t38 in Sangoma Asterisk 16.x before 16.16.2, 17.x before 17.9.3, and 18.x before 18.2.2, and Certified Asterisk before 16.8-cert7, allows an attacker to trigger a crash by sending an m=image ...
Continue Reading
August 30, 2022
Back to Main
