[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 246818 Download | Alert*

Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.13, and 8.0.x before 8.0.6 allows remote attackers to cause a denial of service via vectors related to the management interface.

The configuration file import for applications, spyware and vulnerability objects functionality in the web interface in Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, and 7.1.x before 7.1.14 allows remote attackers to conduct server-side request forgery (SSRF) attacks and consequently obtain sensitive information via vectors related to parsing of external entities.

The installation scripts in the Gentoo dev-db/mysql, dev-db/mariadb, dev-db/percona-server, dev-db/mysql-cluster, and dev-db/mariadb-galera packages before 2017-09-29 have chown calls for user-writable directory trees, which allows local users to gain privileges by leveraging access to the mysql account for creation of a link.

In the com_tag component 1.7.6 for Joomla!, a SQL injection vulnerability is located in the `tag` parameter to index.php. The request method to execute is GET.

Simple ASC Content Management System v1.2 has XSS in the location field in the sign function, related to guestbook.asp, formgb.asp, and msggb.asp.

Perch Content Management System 3.0.3 allows unrestricted file upload (with resultant XSS) via the Asset Title field in conjunction with the Select File field. This is exploitable with a Limited Admin account.

Xavier PHP Management Panel 2.4 allows SQL injection via the usertoedit parameter to admin/adminuseredit.php or the log_id parameter to admin/editgroup.php.

IBM Security Guardium 10.0 Database Activity Monitor could allow a local attacker to obtain highly sensitive information via unspecified vectors. IBM X-Force ID: 132549.

Flexense SyncBreeze Enterprise version 10.1.16 is vulnerable to a buffer overflow that can be exploited for arbitrary code execution. The flaw is triggered by providing a long input into the "Destination directory" field, either within an XML document or through use of passive mode.

bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a heap-based buffer overflow and crash when processing a malformed CUE (.cue) file.


Pages:      Start    13836    13837    13838    13839    13840    13841    13842    13843    13844    13845    13846    13847    13848    13849    ..   24681

© SecPod Technologies