[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

253928

 
 

909

 
 

198006

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 31505 Download | Alert*

In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 on Windows, PHP link() function accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is allowed to access.

The host is installed with KeePass 2.4.1 and is prone to a CSV injection vulnerability. A flaw is present in the application which fails to properly handle an issue in the title field of a CSV export. Successful exploitation allows attackers to force other user to execute code in his machine.

The host is installed with SpringSource Spring Framework 5.0.x before 5.0.16, 5.1.x before 5.1.13, or 5.2.x before 5.2.3 and is prone to a reflected file download vulnerability. A flaw is present in the application, which fails to handle when it sets a "Content-Disposition" header in the response. Successful exploitation allows attackers to allow download of code without integrity check.

The host is installed with VideoLAN VLC Media Player before 2.0.7 and is prone to memory exhaustion vulnerability. A flaw is present in the application, which fails to handle crafted playlist files. Successful exploitation allows attackers to cause a denial of service.

The host is installed with dojo before 1.11.10, 1.12.x before 1.12.8, 1.13.x before 1.13.7, 1.14.x before 1.14.6, 1.15.x before 1.15.3 or 1.16.x before 1.16.2 and is prone to a prototype pollution vulnerability. A flaw is present in the application, which fails to properly handle issues in deepCopy method. Successful exploitation could allow attackers to manipulate the attributes to overwrite, or ...

The host is installed with Apache HTTP Server 2.4.20 through 2.4.43 and is prone to a denial-of-service vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted value for the Cache-Digest header in a HTTP/2 request. Successful exploitation could allow attackers to cause a crash.

The host is installed with Cisco Jabber 12.1.x before 12.1.3, 12.5.x before 12.5.2, 12.6.x before 12.6.3, 12.7.x before 12.7.2, 12.8.x before 12.8.3 or 12.9.x before 12.9.1 and is prone to a command injection vulnerability. A flaw is present in application, which fails to properly handle an issue in application protocol. Successful exploitation could allow an unauthenticated, remote attacker to ex ...

The host is installed with Cisco Jabber 12.1.x before 12.1.3, 12.5.x before 12.5.2, 12.6.x before 12.6.3, 12.7.x before 12.7.2, 12.8.x before 12.8.3 or 12.9.x before 12.9.1 and is prone to an information disclosure vulnerability. A flaw is present in application, which fails to properly handle an issue in validation of message contents. Successful exploitation could allow the attacker to cause the ...

The host is installed with Cisco Jabber 12.1.x before 12.1.3, 12.5.x before 12.5.2, 12.6.x before 12.6.3, 12.7.x before 12.7.2, 12.8.x before 12.8.3 or 12.9.x before 12.9.1 and is prone to an information disclosure vulnerability. A flaw is present in application, which fails to properly handle an issue in validation of message contents. Successful exploitation could allow an authenticated, remote ...

The host is installed with Oracle WebLogic Server component in Oracle WebLogic Server through 10.3.6.0, 12.1.3.0, 12.2.1.3, 12.2.1.4 or 14.1.1.0 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle Sample apps (Spring Framework). Successful exploitation can cause unspecified impact.


Pages:      Start    1868    1869    1870    1871    1872    1873    1874    1875    1876    1877    1878    1879    1880    1881    ..   3150

© SecPod Technologies