[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

253390

 
 

909

 
 

197257

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 15192 Download | Alert*

ctorName in index.js in kind-of v6.0.2 allows external user input to overwrite certain internal attributes via a conflicting name, as demonstrated by "constructor": {"name":"Symbol"}. Hence, a crafted payload can overwrite this builtin attribute to manipulate the type detection result.

The host is installed with Novell File Reporter 1.0.4.2 or earlier and is prone to arbitrary files deletion vulnerability. A flaw is present in the application which is caused due to an error in the NFR Agent (NFRAgent.exe) when handling "OPERATION " and "CMD" commands in the "SRS" tag. Successful exploitation allows remote attacker to delete arbitrary files.

The setup_imginfo_jpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0allows remote attackers to cause a denial of service via a crafted jpeg file.

The backtrack compilation code in the Irregex package before 0.9.6 for Scheme allows remote attackers to cause a denial of service via a crafted regular expression with a repeating pattern.

The glob implementation in the GNU C Library allows remote authenticated users to cause a denial of service via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.

The Direct Rendering Manager subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager objects, which allows context-dependent attackers to cause a denial of service via an application that processes graphics data, as demonstrated by JavaScript code that creates many CANVAS elements for rendering by Chrome or Firefox.

The aoedisk_debugfs_show function in drivers/block/aoe/aoeblk.c in the Linux kernel through 4.16.4rc4 allows local users to obtain sensitive address information by reading "ffree: " lines in a debugfs file.

The host is installed with libevent in RHEL 6 or 7 and is prone to a heap based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle an excessively long input. Successful exploitation could allow attackers to crash the service.

The host is installed with IBM Lotus Domino 8.5.x through 8.5.3 and is prone to open redirect vulnerability. A flaw is present in the application, which fails to properly handle the Web server component. Successful exploitation allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

The host is installed with IBM Tivoli Directory Server (TDS) 6.1 before 6.1.0.47 or 6.2 before 6.2.0.22 or 6.3 before 6.3.0.11 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a malformed LDAP paged search request. Successful exploitation allows remote attackers to cause the application to crash.


Pages:      Start    1487    1488    1489    1490    1491    1492    1493    1494    1495    1496    1497    1498    1499    1500    ..   1519

© SecPod Technologies