CVE-2021-25987
Hexo versions 0.0.1 to 5.4.0 are vulnerable to stored XSS. The post “body” and “tags” don’t sanitize malicious JavaScript during web page generation. A local unprivileged attacker can inject arbitrary code.
A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as the application database. An attacker can then issue the SQL command through the staff[TITLE] parameter of /opensis/modules/users/Staff.php.
IBM MQ Appliance 9.2 CD and 9.2 LTS is affected by a denial of service attack caused by a concurrency issue. IBM X-Force ID: 212042.
IBM MQ Appliance 9.2 CD and 9.2 LTS could allow a local privileged user to inject and execute malicious code. IBM X-Force ID: 212441.
IBM MQ Appliance could allow a local attacker to obtain sensitive information by inclusion of sensitive data within trace.
IBM MQ Appliance 9.2 CD and 9.2 LTS could allow a local attacker to obtain sensitive information by inclusion of sensitive data within diagnostics. IBM X-Force ID: 213215.
This issue was discovered when the ipTIME C200 IP Camera was synchronized with the ipTIME NAS. It is necessary to extract value for ipTIME IP camera because the ipTIME NAS send ans setCookie('[COOKIE]'). The value is transferred to the --header option in wget binary, and there is no validation check. This vulnerability allows remote…
The vulnerability was discovered in an ActiveX module related to the NeoRS remote support program. This issue allows a remote attacker to download and execute a remote file. It is caused by improper parameter validation of the StartNeoRS function in ActiveX.
In Spring AMQP versions 2.2.0 – 2.2.19 and 2.3.0 – 2.3.11, the Spring AMQP Message object, in its toString() method, will create a new String object from the message body, regardless of its size. This can cause an OOM Error with a large message.