[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 26099 Download | Alert*

Use-after-free vulnerability in the CURLFile implementation in ext/curl/curl_file.c in PHP before 5.6.27 and 7.x before 7.0.12 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that is mishandled during __wakeup processing.

Integer overflow in the gdImageWebpCtx function in gd_webp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP through 7.0.11, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted imagewebp and imagedestroy calls.

In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code execution.

The host is installed with Apache HTTP Server 2.4.0 through 2.4.39 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle malformed links in the mod_proxy error page. Successful exploitation could allow attackers to cause the link on the error page to be malformed and instead point to a page of their choice.

The host is installed with Apache HTTP Server 2.4.0 through 2.4.39 and is prone to an open redirect vulnerability. A flaw is present in the application, which fails to properly handle an issue in mod_rewrite. Successful exploitation could allow attackers to cause redirects to an unexpected URL within a request URL through encoded newlines.

Mozilla Thunderbird 68.1 : Encrypted S/MIME parts in a crafted multipart/alternative message can leak plaintext when included in a a HTML reply/forward.

The host is installed with Oracle Java SE through 11.0.4 or 13 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to 2D. Successful exploitation allows attackers to affect availability.

The host is installed with Oracle MySQL Server through 5.5.51, 5.6.32 or 5.7.14 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Server: Error Handling. Successful exploitation allows attackers to affect Confidentiality, Integrity and Availability.

The host is installed with OpenSSH 5.7 through 8.4 and is prone to an information disclosure vulnerability. A flaw is present in application, which fails to handle algorithm negotiation. Successful exploitation could allows man-in-the-middle attackers to target initial connection attempts.

The host is installed with OpenSSH before 7.4 and is prone to a NULL pointer dereference vulnerability. A flaw is present in the application, which fails to properly handle an issue in sshd. Successful exploitation could allow remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message.


Pages:      Start    1130    1131    1132    1133    1134    1135    1136    1137    1138    1139    1140    1141    1142    1143    ..   2609

© SecPod Technologies