Aggregator

A vulnerability has been found in WordPress qTranslate plugin up to 2.5.34 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. This vulnerability is known as CVE-2013-3251. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in EMC Documentum Digital Asset Manager up to 6.4. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2013-3281. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in EMC Documentum eRoom up to 7.4.3. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2013-3286. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in WordPress WP-PostViews plugin up to 1.62 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. This vulnerability is handled as CVE-2013-3252. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Zemanta Related Posts up to 2.7.0. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. This vulnerability is known as CVE-2013-3257. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Bufferapp Digg Digg up to 5.3.2. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. This vulnerability is handled as CVE-2013-3258. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in RealNetworks RealPlayer up to 16.0.2.31 and classified as critical. Affected by this vulnerability is an unknown functionality of the component HTML Handler. The manipulation leads to improper input validation. This vulnerability is known as CVE-2013-3299. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Adobe Flash Player up to 11.7.700.203. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to memory corruption. This vulnerability was named CVE-2013-3343. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Adobe Shockwave Player 12.0.2.122 and classified as very critical. Affected by this issue is some unknown functionality. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2013-3348. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Rockwellautomation RSLinx Classic up to 2.54. It has been rated as very critical. Affected by this issue is some unknown functionality in the library RSEds.dll of the file RSHWare.exe of the component Installation. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2011-2530. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Microsoft Windows up to Server 2012 R2 and classified as critical. This issue affects some unknown processing of the component Color Management. The manipulation leads to improper access controls. The identification of this vulnerability is CVE-2017-0014. The attack may be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as critical was found in Erlang otp TLS Server 1.5. Affected by this vulnerability is an unknown functionality of the component RSA PKCS Padding. The manipulation leads to cryptographic issues. This vulnerability is known as CVE-2017-1000385. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Cavium Nitrox SSL, Nitrox V SSL and TurboSSL and classified as critical. This issue affects some unknown processing of the component SDK. The manipulation leads to information disclosure (Bleichenbacher). The identification of this vulnerability is CVE-2017-17428. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Dell SonicWall 7.0/7.1. This vulnerability affects unknown code of the file /sgms/mainPage. The manipulation of the argument node_id with the input aaaaa";><script>alert(document.cookie);</script> leads to cross site scripting (Reflected). This vulnerability was named CVE-2014-0332. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

视频模型竞赛的天花板又被拉高了。

A vulnerability, which was classified as critical, has been found in KDE kauth and kdelibs. Affected by this issue is some unknown functionality. The manipulation leads to improper access controls. This vulnerability is handled as CVE-2017-8422. An attack has to be approached locally. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Overview Recently, NSFOCUS CERT detected that Adobe issued a security announcement and fixed any file read vulnerability in Adobe ColdFusion (CVE-2024-53961). Due to improper restrictions on pathnames in Adobe ColdFusion, unauthenticated attackers can bypass the application’s restrictions to read files or directories outside of the restricted directory. As a result, sensitive information may be disclosed […]

The post Adobe ColdFusion Any File Read Vulnerability (CVE-2024-53961) appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post Adobe ColdFusion Any File Read Vulnerability (CVE-2024-53961) appeared first on Security Boulevard.

OverviewRecently, NSFOCUS CERT detected that Adobe issued a security announcement and fixed any