Contao 4.13.2 – Cross-Site Scripting (XSS)
>> ARCHIVE: 2022-06
Contao 4.13.2 – Cross-Site Scripting (XSS)
Schneider Electric C-Bus Automation Controller (5500SHAC) 1.10 – Remote Code Execution (RCE)
The G2 Control component in Real Player version 20.0.8.310 suffer from remote code execution vulnerability.
Real Player versions 16.00.282, 16.0.3.51, Cloud 17.0.9.17, and 20.0.7.309 suffer from external::Import() arbitrary file download and directory traversal vulnerabilities that lead to remote code execution.
Real Player versions 16.0.3.51, Cloud 17.0.9.17, and 20.0.7.309 suffer from a DCP:// URI remote code execution vulnerability.
Avantune Genialcloud ProJ version 10 suffers from a cross site scripting vulnerability.
The BN_mod_sqrt() function in OpenSSL versions 1.0.2, 1.1.1, and 3.0, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli.
libxml2 is vulnerable to a heap buffer overflow when xmlBufAdd is called on a very large buffer.
This archive contains all of the 142 exploits added to Packet Storm in May, 2022.
GtkRadiant version 1.6.6 suffers from a buffer overflow vulnerability.