Drupal < 8.6.10 / < 8.5.11 – REST Module Remote Code Execution
>> ARCHIVE: 2019-02
Drupal < 8.6.10 / < 8.5.11 – REST Module Remote Code Execution
Kanboard version 1.2.7 contains multiple vulnerabilities. The vulnerabilities include CSV account import cross site request forgery which allows an unauthenticated attacker to create a new administrative user. Cross site request…
Advanced Comment System version 1.0 suffers from a cross site scripting vulnerability.
Teracue ENC-400 suffers from hard-coded credential, missing authentication, and command injection vulnerabilities.
VertrigoServ version 2.17 suffers from a cross site scripting vulnerability.
A multitude of security issues exist within STMicroelectronics DVB chipsets including, but not limited to credential leakage, buffer overflow, and data leaks. This is the full release of both the…
Micro Focus Filr version 3.4.0.217 suffers from privilege escalation and path traversal vulnerabilities.
EI-Tube version 3.0 suffers from a remote SQL injection vulnerability.
RealTerm Serial Terminal version 2.0.0.70 suffers from an echo port buffer overflow vulnerability.
Valentina Studio version 9.0.5 suffers from a buffer overflow vulnerability.