[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

251782

 
 

909

 
 

196543

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 26650 Download | Alert*

In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper.c. This subsequently results in copying a large string.

The host is installed with Apache Tomcat 9.0.0.M1 through 9.0.7, 7.0.28 through 7.0.88, 8.0.x through 8.0.51 or 8.5.x through 8.5.30 and is prone to a denial of service vulnerability. A flaw is present in application, which fails to properly handle overflow in the UTF-8 decoder. Successful exploitation allow attackers to cause denial of service.

The host is installed with Apache Tomcat 9.0.0.M1 through 9.0.9, 7.0.25 through 7.0.88, 8.0.x through 8.0.52 or 8.5.x through 8.5.31 and is prone to a security bypass vulnerability. A flaw is present in application, which fails to properly perform host name verification. Successful exploitation allow attackers to bypass security constraints.

The host is installed with Apache Subversion 1.5.x before 1.8.15 and is prone to an intended access restriction bypass vulnerability. A flaw is present in the application, which fails to handle a realm string that is a prefix of an expected repository realm string. Successful exploitation could allow remote attackers to authenticate and bypass intended access restrictions.

The host is installed with OpenVPN before 2.3.12 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle the 64-bit block ciphers such as 3DES and Blowfish. Successful exploitation allows remote attackers to recover plaintext when the same data is sent and can use cross-site scripting vulnerabilities to send data of interest.

The host is installed with OpenSSL version 1.0.2b to 1.0.2m or Oracle MySQL Server through 5.6.38 or through 5.7.20 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle exceptional conditions. Successful exploitation allows remote attackers to bypass security restrictions and perform unauthorized actions.

The host is installed with Mozilla Thunderbird before 52.5.2 and is prone to a javascript execution vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute JavaScript in the parsed RSS feed.

The host is installed with Mozilla Thunderbird before 52.5.2 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle crafted CSS. Successful exploitation could allow attackers to leak and reveal local path strings, which may contain user name.

The host is installed with Mozilla Thunderbird before 52.5.2 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to inject new lines into the created email structure.

The host is installed with Mozilla Thunderbird before 52.5.2 and is prone to an address spoofing vulnerability. A flaw is present in the application, which fails to properly handle null character. Successful exploitation could allow attackers to modify the message body.


Pages:      Start    1108    1109    1110    1111    1112    1113    1114    1115    1116    1117    1118    1119    1120    1121    ..   2664

© SecPod Technologies