[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

253164

 
 

909

 
 

197077

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 15192 Download | Alert*

Use-after-free vulnerability in the fz_subsample_pixmap function infitz/pixmap.c in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.

The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo0.9.5 allows remote attackers to cause a denial of service via a crafted file.

Drupal core 7.x versions before 7.57 has an external link injection vulnerability when the language switcher block is used. A similar vulnerability exists in various custom and contributed modules. This vulnerability could allow an attacker to trick users into unwillingly navigating to an external site.

In ytnef 1.9.2, the TNEFFillMapi function in lib/ytnef.c allows remote attackers to cause a denial of service via a crafted file.

In WordPress before 4.7.5, there is insufficient redirect validation in the HTTP class, leading to SSRF.

libjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and Ghostscript,has a NULL pointer dereference in the jbig2_huffman_get function in jbig2_huffman.c. For example, the jbig2dec utility will crash when parsing an invalid file.

A jQuery cross site scripting vulnerability is present when making Ajaxrequests to untrusted domains. This vulnerability is mitigated by the fact that it requires contributed or custom modules in order to exploit. For Drupal 8, this vulnerability was already fixed in Drupal 8.4.0 in the Drupal core upgrade to jQuery 3. For Drupal 7, it is fixed in the current release for jQuery 1.4.4 as well as fo ...

The PdfFontFactory.cpp:195:62 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service via a crafted PDF document.

WebUI in qBittorrent before 3.3.11 did not escape many values, which could potentially lead to XSS.

The _dwarf_get_abbrev_for_code function in dwarf_util.c in libdwarf20161001 and earlier allows remote attackers to cause a denial of service by calling the dwarfdump command on a crafted file.


Pages:      Start    600    601    602    603    604    605    606    607    608    609    610    611    612    613    ..   1519

© SecPod Technologies