[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

252212

 
 

909

 
 

196748

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 15178 Download | Alert*

In kbd_keycode of keyboard.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-144161459

Prototype pollution vulnerability in dot-prop npm package versions before 4.2.1 and versions 5.x before 5.1.1 allows an attacker to add arbitrary properties to JavaScript language constructs such as objects.

yargs-parser could be tricked into adding or modifying properties of Object.prototype using a "__proto__" payload.

In OpenJPEG 2.3.0, there is an integer overflow caused by an out-of-bounds left shift in the opj_j2k_setup_encoder function . Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.

The host is installed with Elasticsearch 5.x before 6.8.21, 7.x before 7.16.1 or Logstash 5.x before 6.8.21, 7.x before 7.16.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle an issue in Log4j library. Successful exploitation could allow attackers to cause information leakage or denial of service.

The host is installed with Elasticsearch 5.x before 6.8.21, 7.x before 7.16.1 or Logstash 5.x before 6.8.21, 7.x before 7.16.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle an issue in Log4j library. Successful exploitation could allow attackers to cause information leakage or denial of service.

Samba AD users with permission to write to an account can impersonate arbitrary services.

In QEMU 4.2.0, a MemoryRegionOps object may lack read/write callback methods, leading to a NULL pointer dereference.

WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit, as used in WebKitGTK+ prior to version 2.20.0 or without libsoup 2.62.0, unexpectedly failed to use system proxy settings for WebSocket connections. As a result, users could be deanonymized by crafted web sites via a WebSocket connection.

WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit, as used in WebKitGTK+ versions 2.20.0 and 2.20.1, failed to perform TLS certificate verification for WebSocket connections.


Pages:      Start    944    945    946    947    948    949    950    951    952    953    954    955    956    957    ..   1517

© SecPod Technologies