Recent Vulnerabilities

minerstat msOS before 2019-10-23 does not have a unique SSH key for each instance of the product.

IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 could allow a local attacker to execute arbitrary code on the system, caused by an untrusted search path vulnerability.

Cacti through 1.2.7 is affected by multiple instances of lib/functions.php unsafe deserialization of user-controlled data to populate arrays.

An issue was discovered in Intesync Solismed 3.3sp1. An flaw in the encryption implementation exists, allowing for all encrypted data stored within the database to be decrypted.

A reflected XSS issue was discovered in DAViCal through 1.1.8. It echoes the action parameter without encoding.

The Scoutnet Kalender plugin 1.1.0 for WordPress allows XSS.

Recent Activity