[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250053

 
 

909

 
 

195940

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 15153 Download | Alert*

batteriesConfig.mlp in OCaml Batteries Included 2.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.

An accessibility flaw was found in the OpenStack Workflow service where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access sensitive information.

The splt_cue_export_to_file function in cue.c in libmp3splt 0.9.2 allows remote attackers to cause a denial of service via a crafted file.

In GIMP 2.8.22, there is a stack-based buffer over-read in xcf_load_stream in app/xcf/xcf.c when there is no "\0" character after the version string.

A prototype pollution vulnerability was found in lodash <4.17.11 where the functions merge, mergeWith, and defaultsDeep can be tricked into adding or modifying properties of Object.prototype.

Cross-site scripting vulnerability in Open Ticket Request System 3.3.x before 3.3.16, 4.0.x before 4.0.19, and 5.0.x before 5.0.14 allows remote attackers to inject arbitrary web script or HTML via a crafted attachment.

An issue was discovered in phpMyAdmin. Due to a bug in serialized string parsing, it was possible to bypass the protection offered by PMA_safeUnserialize function. All 4.6.x versions , 4.4.x versions , and 4.0.x versions are affected.

The bmp_read_info_header function in bin/jp2/convertbmp.c in OpenJPEG 2.2.0 does not reject headers with a zero biBitCount, which allows remote attackers to cause a denial of service in the opj_image_create function in lib/openjp2/image.c, related to the opj_aligned_alloc_n function in opj_malloc.c.

Unspecified vulnerability in Oracle MySQL 5.6.21 and earlier allows remote authenticated users to affect availability via vectors related to DML.

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Audit.


Pages:      Start    520    521    522    523    524    525    526    527    528    529    530    531    532    533    ..   1515

© SecPod Technologies