[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248364

 
 

909

 
 

195388

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 26443 Download | Alert*

The host is installed with Wireshark 1.10.12 through 1.10.14 and is prone to a denial of service vulnerability. A flaw is present in the application, which mishandles a certain strdup return value. Successful exploitation could allow attackers to cause a denial of service (application crash).

The exception::getTraceAsString function in Zend/zend_exceptions.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to execute arbitrary code via an unexpected data type, related to a "type confusion" issue.

ext/wddx/wddx.c in PHP before 5.6.28 and 7.x before 7.0.13 allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted serialized data in a wddxPacket XML document, as demonstrated by a PDORow string.

The SplObjectStorage unserialize implementation in ext/spl/spl_observer.c in PHP before 7.0.12 does not verify that a key is an object, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access) via crafted serialized data.

The host is installed with Ghostscript 9.21 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted PostScript document. Successful exploitation could allow attackers to crash the service.

The host is installed with LibreOffice 6.2.x before 6.2.7 or 6.3.x before 6.3.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle the Windows 8.3 path equivalence component. Successful exploitation could allow attackers to trigger a document to execute LibreLogo via a Windows filename pseudonym.

A spoofing vulnerability exists in Visual Studio Live Share when a guest connected to a Live Share session is redirected to an arbitrary URL specified by the session host. An attacker who successfully exploited this vulnerability could cause a connected guest's computer to open a browser and navigate to a URL without consent from the guest. To exploit the vulnerability, an attacker would need to h ...

In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using mb_strtolower() function with UTF-32LE encoding, certain invalid strings could cause PHP to overwrite stack-allocated buffer. This could lead to memory corruption, crashes and potentially code execution.

The host is installed with Apple iTunes before 12.10.1 or Apple iCloud before 7.14 and is prone to an arbitrary code execution vulnerability. A flaw is present in the applications, which fail to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to execute arbitrary code through maliciously crafted web content.

The host is installed with Docker before 19.03.9 and is prone to a path traversal vulnerability. A flaw is present in the application, which fails to handle an issue in util/binfmt_misc/check.go in Builder. Successful exploitation could allow attackers to access arbitrary directories.


Pages:      Start    1572    1573    1574    1575    1576    1577    1578    1579    1580    1581    1582    1583    1584    1585    ..   2644

© SecPod Technologies