[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 31160 Download | Alert*

An elevation of privilege vulnerability exists when the Visual Studio Extension Installer Service improperly handles file operations. An attacker who successfully exploited the vulnerability could delete files in arbitrary locations with elevated permissions. To exploit the vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted applicati ...

An information disclosure vulnerability exists when Visual Studio improperly parses XML input in certain settings files. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity (XXE) declaration.To exploit the vulnerability, an attacker could create specially crafted XML data and convince an authenticated user to open the file.The update addr ...

An information disclosure vulnerability exists when Visual Studio improperly discloses limited contents of uninitialized memory while compiling program database (PDB) files. An attacker who took advantage of this information disclosure could view uninitialized memory from the Visual Studio instance used to compile the PDB file. To take advantage of the vulnerability, an attacker would require acce ...

The host is installed with Python 2.7 before 2.7.8 or 3.x before 3.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted input. Successful exploitation could allow attackers to crash the service.

The host is installed with Apache HTTP Server 2.2.x through 2.2.27 or 2.4.x through 2.4.10 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle a crafted data. Successful exploitation could allow remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer c ...

The host is installed with Apache HTTP Server 2.4.10 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle long response headers. Successful exploitation could allow remote FastCGI servers to cause a denial of service (buffer over-read and daemon crash) via long response headers.

The host is installed with Apache HTTP Server 2.4.12 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly initialize the protocol structure member. Successful exploitation could allow remote attackers to cause a denial of service (NULL pointer dereference and process crash).

The phar_parse_metadata function in ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (heap metadata corruption) or possibly have unspecified other impact via a crafted tar archive.

The do_soap_call function in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that the uri property is a string, which allows remote attackers to obtain sensitive information by providing crafted serialized data with an int data type, related to a "type confusion" issue.

The SoapClient::__call method in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that __default_headers is an array, which allows remote attackers to execute arbitrary code by providing crafted serialized data with an unexpected data type, related to a "type confusion" issue.


Pages:      Start    1362    1363    1364    1365    1366    1367    1368    1369    1370    1371    1372    1373    1374    1375    ..   3115

© SecPod Technologies