[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 43198 Download | Alert*

Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. Users should upgrade to 2.6 or later

Node.js before 16.4.1, 14.17.2, 12.22.2 is vulnerable to an out-of-bounds read when uv__idna_toascii is used to convert strings to ASCII. The pointer p is read and increased without checking whether it is beyond pe, with the latter holding a pointer to the end of the buffer. This can lead to information disclosures or crashes. This function can be triggered via uv_getaddrinfo

QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer overflow in Pl_ASCII85Decoder::write when a certain downstream write fails

An issue was discovered in QPDF version 10.0.4, allows remote attackers to execute arbitrary code via crafted .pdf file to Pl_ASCII85Decoder::write parameter in libqpdf

This update for qpdf fixes the following issues: - CVE-2022-34503: Fixed a heap buffer overflow via the function QPDF:processXRefStream . - CVE-2021-36978: Fixed heap-based buffer overflow in Pl_ASCII85Decoder::write .

This update for qpdf fixes the following issues: - CVE-2022-34503: Fixed a heap buffer overflow via the function QPDF::processXRefStream . - CVE-2021-36978: Fixed heap-based buffer overflow in Pl_ASCII85Decoder::write .

This update for qpdf fixes the following issues: - CVE-2021-36978: Fixed heap-based buffer overflow in Pl_ASCII85Decoder::write .

qpdf: tools for transforming and inspecting PDF files Several security issues were fixed in QPDF.

qpdf: tools for transforming and inspecting PDF files Several security issues were fixed in QPDF.

For Eclipse Jetty versions less than= 9.4.40, less than= 10.0.2, less than= 11.0.2, it is possible for requests to the ConcatServlet with a doubly encoded path to access protected resources within the WEB-INF directory. For example a request to `/concat?/%2557EB-INF/web.xml` can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application


Pages:      Start    1508    1509    1510    1511    1512    1513    1514    1515    1516    1517    1518    1519    1520    1521    ..   4319

© SecPod Technologies