CVE-2014-3922
Published 2014-05-30
CVE-2014-3922: Cross-site scripting (XSS) vulnerability in Trend Micro InterScan Messaging Security Virtual Appliance 8.5.1.1516 allows remote authenticated users to inject…
Priority: P4 · 18 · medium · 4.3 · CVSS 2.0
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS: 2.09% (79.3th percentile)
Cross-site scripting (XSS) vulnerability in Trend Micro InterScan Messaging Security Virtual Appliance 8.5.1.1516 allows remote authenticated users to inject arbitrary web script or HTML via the addWhiteListDomainStr parameter to addWhiteListDomain.imss.
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| trendmicro | interscan_messaging_security_virtual_appliance | — | — |
CVSS provenance
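| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |
| vendor_redhat | — | 5.5 | MEDIUM | — |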
GHSA
GHSA-rh6h-vr6m-q4jf: Cross-site scripting (XSS) vulnerability in Trend Micro InterScan Messaging Security Virtual Appliance 8
ghsa_unreviewed·2022-05-17
CVE-2014-3922 [MEDIUM] CWE-79 GHSA-rh6h-vr6m-q4jf: Cross-site scripting (XSS) vulnerability in Trend Micro InterScan Messaging Security Virtual Appliance 8
Cross-site scripting (XSS) vulnerability in Trend Micro InterScan Messaging Security Virtual Appliance 8.5.1.1516 allows remote authenticated users to inject arbitrary web script or HTML via the addWhiteListDomainStr parameter to addWhiteListDomain.imss.
Red Hat
kernel: f2fs: fix to do sanity check on sit_bitmap_size
vendor_redhat·2025-07-04·CVSS 5.5
CVE-2025-38218 [MEDIUM] kernel: f2fs: fix to do sanity check on sit_bitmap_size
kernel: f2fs: fix to do sanity check on sit_bitmap_size
In the Linux kernel, the following vulnerability has been resolved:
f2fs: fix to do sanity check on sit_bitmap_size
w/ below testcase, resize will generate a corrupted image which
contains inconsistent metadata, so when mounting such image, it
will trigger kernel panic:
```
touch img
truncate -s $((512*1024*1024*1024)) img
mkfs.f2fs -f img $((256*1024*1024))
resize.f2fs -s -i img -t $((1024*1024*1024))
mount img /mnt/f2fs
```
```
------------[ cut here ]------------
kernel BUG at fs/f2fs/segment.h:863!
Oops: invalid opcode: 0000 [#1] SMP PTI
CPU: 11 UID: 0 PID: 3922 Comm: mount Not tainted 6.15.0-rc1+ #191 PREEMPT(voluntary)
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
RIP: 0010:f2fs_ra_meta_pages
```
No detection rules found.
No public exploits indexed.
References
http://packetstormsecurity.com/files/126847/InterScan-Messaging-Security-Virtual-Appliance-8.5.1.1516-Cross-Site-Scripting.html
http://seclists.org/fulldisclosure/2014/May/164
http://secunia.com/advisories/58491
http://www.securityfocus.com/bid/67726
http://www.securitytracker.com/id/1030318
https://vimeo.com/96757096
Published: 2014-05-30