[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250363

 
 

909

 
 

196124

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 26822 Download | Alert*

The host is installed with Apache HTTP Server 2.4.18 through 2.4.39 and is prone to a read-after-free vulnerability. A flaw is present in the application, which fails to properly handle an issue in mod_http2. Successful exploitation could allow attackers to read memory after being freed during connection shutdown using fuzzed network input.

The host is installed with Apache HTTP Server 2.4.33 through 2.4.38 and is prone to a stack buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle specially crafted PROXY headers. Successful exploitation could allow attackers to trigger a stack buffer overflow or NULL pointer deference.

The host is installed with FasterXML jackson-databind 2.8.0 before 2.8.11.5 or 2.9.0 before 2.9.10 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle issues in polymorphic typing. Successful exploitation could allow attackers to cause an unspecified impact.

The host is installed with Oracle WebLogic Server component in Oracle WebLogic Server through 12.2.1.3 or 12.2.1.4 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle Core Components (Connect2id Nimbus JOSE+JWT). Successful exploitation can cause unspecified impact.

Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c.

In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 on Windows, PHP link() function accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is allowed to access.

The host is installed with KeePass 2.4.1 and is prone to a CSV injection vulnerability. A flaw is present in the application which fails to properly handle an issue in the title field of a CSV export. Successful exploitation allows attackers to force other user to execute code in his machine.

The host is installed with SpringSource Spring Framework 5.0.x before 5.0.16, 5.1.x before 5.1.13, or 5.2.x before 5.2.3 and is prone to a reflected file download vulnerability. A flaw is present in the application, which fails to handle when it sets a "Content-Disposition" header in the response. Successful exploitation allows attackers to allow download of code without integrity check.

The host is installed with VideoLAN VLC Media Player before 2.0.7 and is prone to memory exhaustion vulnerability. A flaw is present in the application, which fails to handle crafted playlist files. Successful exploitation allows attackers to cause a denial of service.

The host is installed with dojo before 1.11.10, 1.12.x before 1.12.8, 1.13.x before 1.13.7, 1.14.x before 1.14.6, 1.15.x before 1.15.3 or 1.16.x before 1.16.2 and is prone to a prototype pollution vulnerability. A flaw is present in the application, which fails to properly handle issues in deepCopy method. Successful exploitation could allow attackers to manipulate the attributes to overwrite, or ...


Pages:      Start    1558    1559    1560    1561    1562    1563    1564    1565    1566    1567    1568    1569    1570    1571    ..   2682

© SecPod Technologies