Joe

#12068of 53,622
22.6Total CVSS
Vulnerabilities · 4
Medium
3
High
1
PT-2024-36055
6.1
2024-11-29
Unknown · Backdrop Cms · CVE-2024-54123
Name of the Vulnerable Software and Affected Versions: Backdrop CMS versions prior to 1.28.4 Backdrop CMS versions 1.29.x prior to 1.29.2 Description: The issue allows for Cross Site Scripting (XSS) via an SVG document, if the SVG tag is allowed for a text format. This occurs in Backdrop CMS when an SVG document is used. Recommendations: For versions prior to 1.28.4, update to version 1.28.4 or later. For versions 1.29.x prior to 1.29.2, update to version 1.29.2 or later. As a temporary workaround, consider disabling the use of SVG tags for text formats until a patch is available.
PT-2015-3536
5.0
2015-02-19
Openbsd · Fastcgi · CVE-2012-6687
**Name of the Vulnerable Software and Affected Versions** FastCGI versions 2.4.0 **Description** The issue allows remote attackers to cause a denial of service, resulting in a segmentation fault and crash, by establishing a large number of connections. **Recommendations** For FastCGI version 2.4.0, consider restricting the number of incoming connections to prevent the denial of service. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2012-4590
4.3
2012-07-12
Gnu · Gimp · CVE-2012-3236
**Name of the Vulnerable Software and Affected Versions** GIMP versions prior to 2.8.1 **Description** The issue allows remote attackers to cause a denial of service, resulting in a NULL pointer dereference and application crash, via a malformed XTENSION header of a .fit file. This can be achieved by using a long string. **Recommendations** For versions prior to 2.8.1, update to version 2.8.1 or later to resolve the issue. As a temporary workaround, consider avoiding the use of malformed .fit files to minimize the risk of exploitation.
PT-2004-2555
7.2
2004-08-31
Microsoft · Msinfo32.Exe · CVE-2004-1649
**Name of the Vulnerable Software and Affected Versions** Microsoft Msinfo32.exe (affected versions not specified) **Description** A buffer overflow issue exists in Microsoft Msinfo32.exe, potentially allowing local users to execute arbitrary code. This can be achieved by providing a long filename in the `msinfo file` command line parameter. It is noted that this issue might not cross security boundaries. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.