The SupportCandy WordPress plugin before 2.2.7 does not have CRSF check in its wpsc_tickets AJAX action, which could allow attackers to make a logged in…

The SupportCandy WordPress plugin before 2.2.7 does not sanitise and escape the query string before outputting it back in pages with the [wpsc_create_ticket] shortcode embed,…

The SupportCandy WordPress plugin before 2.2.7 does not have CSRF check in the wpsc_tickets AJAX action, nor has any sanitisation or escaping in some of…

The SupportCandy WordPress plugin before 2.2.7 does not validate and escape the page attribute of its shortcode, which could allow users with a role as…

The SupportCandy WordPress plugin before 2.2.5 does not have authorisation and CRSF checks in its wpsc_tickets AJAX action, which could allow unauthenticated users to call…

StarWind iSCSI SAN before 3.5 build 2007-08-09 allows socket exhaustion. Devamını Oku

StarWind iSCSI SAN before 6.0 build 2013-03-20 allows a memory leak. Devamını Oku

StarWind iSCSI SAN before 3.5 build 2007-08-09 allows socket exhaustion. Devamını Oku

StarWind iSCSI SAN before 6.0 build 2013-03-20 allows a memory leak. Devamını Oku

perM 0.4.0 has a Buffer Overflow related to strncpy. (Debian initially fixed this in 0.4.0-7.) Devamını Oku