Vuldb Updates

A vulnerability was found in xloadimage 4.1. It has been classified as critical. Affected is an unknown function of the component FACES Image Handler. The manipulation of the argument Firstname/Lastname leads to memory corruption. This vulnerability is traded as CVE-2001-0775. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Red Hat Openstack 3.0. It has been classified as critical. Affected is an unknown function. The manipulation leads to code injection. This vulnerability is traded as CVE-2013-2121. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Oracle JRE 1.6.0/1.7.0. It has been classified as very critical. This affects an unknown part. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2012-1533. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in CollabNet ScrumWorks 1.8.4. It has been classified as problematic. Affected is an unknown function of the file server/scrumworks/data/hypersonic/scrumworks.log. The manipulation leads to cryptographic issues. This vulnerability is traded as CVE-2011-0410. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in Postfix. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to improper access controls. The identification of this vulnerability is CVE-2011-0411. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Cisco ASA up to 7.0.4.2 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper resource management. This vulnerability is known as CVE-2011-0393. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Cisco Firewall Services Module Software up to 3.x and classified as critical. Affected by this issue is some unknown functionality of the component Firewall Services Module. The manipulation leads to improper resource management. This vulnerability is handled as CVE-2011-0394. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Webhost Automation Helm Web Hosting Control Panel up to 3.2.10. It has been classified as problematic. This affects an unknown part of the file domains.asp of the component Control Panel. The manipulation of the argument txtDomainName leads to basic cross site scripting. This vulnerability is uniquely identified as CVE-2006-1407. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Todd Miller sudo up to 1.6.3 P7. It has been classified as critical. This affects an unknown part of the component Mail. The manipulation as part of Environment Variable leads to improper privilege management. This vulnerability is uniquely identified as CVE-2002-0043. The attack needs to be approached locally. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in 4homepages 4images up to 1.7.7. It has been rated as problematic. Affected by this issue is some unknown functionality of the file member.php. The manipulation of the argument user_homepage leads to cross site scripting. This vulnerability is handled as CVE-2009-2131. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Zipstore Zip Store Chat 5.0. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to sql injection. The identification of this vulnerability is CVE-2009-2142. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in Campus Virtual-LMS and classified as critical. This issue affects some unknown processing. The manipulation of the argument id leads to sql injection. The identification of this vulnerability is CVE-2009-2148. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in Campus Virtual-LMS. It has been classified as problematic. Affected is an unknown function. The manipulation of the argument siteid leads to cross site scripting. This vulnerability is traded as CVE-2009-2149. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Ricardo Alexandre De Oliveira Staudt Yogurt 0.3 and classified as problematic. Affected by this issue is some unknown functionality of the file index.php. The manipulation of the argument msg leads to cross site scripting. This vulnerability is handled as CVE-2009-2033. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Ricardo Alexandre De Oliveira Staudt Yogurt 0.3. It has been classified as critical. This affects an unknown part of the file writemessage.php. The manipulation of the argument original leads to sql injection. This vulnerability is uniquely identified as CVE-2009-2034. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Castro Xl TorrentVolve 1.4. It has been classified as critical. Affected is an unknown function of the file archive.php. The manipulation of the argument deleteTorrent leads to path traversal. This vulnerability is traded as CVE-2009-2101. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability classified as very critical was found in IBM BigFix Platform 9.5. Affected by this vulnerability is an unknown functionality of the component File Upload. The manipulation leads to unrestricted upload. This vulnerability is known as CVE-2019-4013. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Linksys SPA941 5.1.8. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2007-5411. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, has been found in WebKit. This issue affects the function webkitFaviconDatabaseSetIconForPageURL/webkitFaviconDatabaseSetIconURLForPageURL in the library UIProcess/API/glib/WebKitFaviconDatabase.cpp. The manipulation leads to data processing error. The identification of this vulnerability is CVE-2018-11646. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in MODX Revolution up to 2.8.3-pl. It has been classified as critical. This affects an unknown part. The manipulation leads to unrestricted upload. This vulnerability is uniquely identified as CVE-2022-26149. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.