[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249461

 
 

909

 
 

195508

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 15145 Download | Alert*

The PdfFontFactory.cpp:200:88 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service via a crafted PDF document.

Roundcube Webmail allows arbitrary password resets by authenticated users.This affects versions before 1.0.11, 1.1.x before 1.1.9, and 1.2.x before1.2.5. The problem is caused by an improperly restricted exec call in the virtualmin and sasl drivers of the password plugin.

CSRF was discovered in the web UI in Deluge before 1.3.14. The exploitation methodology involves hosting a crafted plugin that executes an arbitrary program from its __init__.py file and causing the victim to download, install, and enable this plugin.

Heap-based buffer overflow in the jpc_dec_decodepkt function in jpc_t2dec.cin libjasper-dev 2.0.10 allows remote attackers to have unspecified impact via a crafted image.

The dex_load code function in libr/bin/p/bin_dex.c in radare2 1.2.1 allow sremote attackers to cause a denial of service via a crafted DEX file.

In wallpaper.c in feh before v2.18.3, if a malicious client pretends to be the E17 window manager, it is possible to trigger an out-of-boundary heap write while receiving an IPC message. An integer overflow leads to a buffer overflow and/or a double free.

WebUI in qBittorrent before 3.3.11 did not set the X-Frame-Options header,which could potentially lead to clickjacking.

Drupal 8.4.x versions before 8.4.5 and Drupal 7.x versions before 7.57 has a Drupal.check Plain JavaScript function which is used to escape potentially dangerous text before outputting it to HTML . This function does not correctly handle all methods of injecting malicious HTML, leading to across-site scripting vulnerability under certain circumstances. The PHP functions which Drupal provides for H ...

Use-after-free vulnerability in the fz_subsample_pixmap function infitz/pixmap.c in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.

The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo0.9.5 allows remote attackers to cause a denial of service via a crafted file.


Pages:      Start    592    593    594    595    596    597    598    599    600    601    602    603    604    605    ..   1514

© SecPod Technologies