[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

253164

 
 

909

 
 

197077

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 15192 Download | Alert*

Code injection exists in Kernel/System/Spelling.pm in Open Ticket Request System 5 before 5.0.24, 4 before 4.0.26, and 3.3 before 3.3.20. In the agent interface, an authenticated remote attacker can execute shell commands as the webserver user via URL manipulation.

An integer overflow was discovered in pdf_read_new_xref_section in pdf/pdf-xref.c in Artifex MuPDF 1.11.

An issue was discovered in OpenStack nova-common 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header,result ing in a denial of service attack on the compute host. All nova-common setups supporting encrypted volumes are affected.

The call parameter of /lib/exe/ajax.php in DokuWiki through 2017-02-19edoes not properly encode user input, which leads to a reflected file download vulnerability, and allows remote attackers to run arbitrary programs.

In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brunfunction in plug-ins/file-fli/fli.c.

wp-admin/user-new.php in WordPress before 4.9.1 sets the new bloguser key to a string that can be directly derived from the user ID, which allows remote attackers to bypass intended access restrictions by entering this string.

In GIMP 2.8.22, there is a heap-based buffer over-read in load_image in plug-ins/common/file-gbr.c in the gbr import parser, related to mishandling of UTF-8 data.

The Mem_File_Reader::read_avail function in Data_Reader.cpp in the Game_Music_Emu library 0.6.1 does not ensure anon-negative size, which allows remote attackers to cause a denial of service via a crafted file.

In GIMP 2.8.22, there is a heap-based buffer over-read in read_creator_block in plug-ins/common/file-psp.c.

The function d2ulaw_array in ulaw.c of libsndfile1 1.0.29pre1 may lead to a remote DoS attack , a different vulnerability than CVE-2017-14246.


Pages:      Start    618    619    620    621    622    623    624    625    626    627    628    629    630    631    ..   1519

© SecPod Technologies