[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

253164

 
 

909

 
 

197077

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 31456 Download | Alert*

Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c.

In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 on Windows, PHP link() function accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is allowed to access.

The host is installed with KeePass 2.4.1 and is prone to a CSV injection vulnerability. A flaw is present in the application which fails to properly handle an issue in the title field of a CSV export. Successful exploitation allows attackers to force other user to execute code in his machine.

The host is installed with SpringSource Spring Framework 5.0.x before 5.0.16, 5.1.x before 5.1.13, or 5.2.x before 5.2.3 and is prone to a reflected file download vulnerability. A flaw is present in the application, which fails to handle when it sets a "Content-Disposition" header in the response. Successful exploitation allows attackers to allow download of code without integrity check.

The host is installed with VideoLAN VLC Media Player before 2.0.7 and is prone to memory exhaustion vulnerability. A flaw is present in the application, which fails to handle crafted playlist files. Successful exploitation allows attackers to cause a denial of service.

The host is installed with dojo before 1.11.10, 1.12.x before 1.12.8, 1.13.x before 1.13.7, 1.14.x before 1.14.6, 1.15.x before 1.15.3 or 1.16.x before 1.16.2 and is prone to a prototype pollution vulnerability. A flaw is present in the application, which fails to properly handle issues in deepCopy method. Successful exploitation could allow attackers to manipulate the attributes to overwrite, or ...

The host is installed with Apache HTTP Server 2.4.20 through 2.4.43 and is prone to a denial-of-service vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted value for the Cache-Digest header in a HTTP/2 request. Successful exploitation could allow attackers to cause a crash.

The host is installed with Cisco Jabber 12.1.x before 12.1.3, 12.5.x before 12.5.2, 12.6.x before 12.6.3, 12.7.x before 12.7.2, 12.8.x before 12.8.3 or 12.9.x before 12.9.1 and is prone to a command injection vulnerability. A flaw is present in application, which fails to properly handle an issue in application protocol. Successful exploitation could allow an unauthenticated, remote attacker to ex ...

The host is installed with Cisco Jabber 12.1.x before 12.1.3, 12.5.x before 12.5.2, 12.6.x before 12.6.3, 12.7.x before 12.7.2, 12.8.x before 12.8.3 or 12.9.x before 12.9.1 and is prone to an information disclosure vulnerability. A flaw is present in application, which fails to properly handle an issue in validation of message contents. Successful exploitation could allow the attacker to cause the ...

The host is installed with Cisco Jabber 12.1.x before 12.1.3, 12.5.x before 12.5.2, 12.6.x before 12.6.3, 12.7.x before 12.7.2, 12.8.x before 12.8.3 or 12.9.x before 12.9.1 and is prone to an information disclosure vulnerability. A flaw is present in application, which fails to properly handle an issue in validation of message contents. Successful exploitation could allow an authenticated, remote ...


Pages:      Start    1855    1856    1857    1858    1859    1860    1861    1862    1863    1864    1865    1866    1867    1868    ..   3145

© SecPod Technologies