[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 197798 Download | Alert*

U-Boot contains a CWE-20: Improper Input Validation vulnerability in Verified boot signature validation that can result in Bypass verified boot. This attack appear to be exploitable via Specially crafted FIT image and special device memory functionality.

BitlBee before 3.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list.

WordPress before 4.5.3 allows remote attackers to bypass the sanitize_file_name protection mechanism via unspecified vectors.

examples/framework/news/news3.py in Kiwi 1.9.22 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.

The gig::Region::Region function in gig.cpp in libgig-dev 4.0.0 allows remote attackers to cause a denial of service via a crafted gig file.

The process_otr function in bfd/versados.c in the Binary File Descriptor library , as distributed in GNU Binutils 2.28, does not validate a certain offset, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution.

The evax_bfd_print_emh function in vms-alpha.c in the Binary File Descriptor library , as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file.

Cross-site scripting vulnerability in the cgierror function in CGI.pm in ikiwiki before 3.20160506 might allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving an error message.

Cross-site request forgery vulnerability in the wp_ajax_update_plugin function in wp-admin/includes/ajax-actions.php in WordPress before 4.6 allows remote attackers to hijack the authentication of subscribers for /dev/random read operations by leveraging a late call to the check_ajax_referer function, a related issue to CVE-2016-6896.

Regular Expression Denial of Service


Pages:      Start    7399    7400    7401    7402    7403    7404    7405    7406    7407    7408    7409    7410    7411    7412    ..   19779

© SecPod Technologies