[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247862

 
 

909

 
 

194603

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 15124 Download | Alert*

In Horde Groupware 5.2.19 and 5.2.21, there is XSS via the Color field in a Create Task List action.

Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via vectors related to DML, a different vulnerability than CVE-2016-0504.

The III_i_stereo function in libmpg123/layer3.c in mpg123 through 1.25.1 allows remote attackers to cause a denial of service via a crafted audio file that is mishandled in the code for the "block_type != 2" case, a similar issue to CVE-2017-9870.

Cross-site request forgery vulnerability in ecrire/exec/valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that execute the XML validator on a local file via a crafted valider_xml request. NOTE: this issue can be combined with CVE-2016-7998 to execute arbitrary PHP code.

Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is possible in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to submit _users documents with duplicate keys for "roles" used for access control within the database, including the special case "_admin" role, that denotes administrative users. In combination with CVE-2017-12636 , this can be used to give non-a ...

Minimatch is a minimal matching utility that works by converting glob expressions into JavaScript `RegExp` objects. The primary function, `minimatch` in Minimatch 3.0.1 and earlier is vulnerable to ReDoS in the `pattern` parameter.

An issue was discovered in phpMyAdmin. An authorized user can cause a denial-of-service attack on a server by passing large values to a loop. All 4.6.x versions , 4.4.x versions , and 4.0.x versions are affected.

GLPI before 9.1.5.1 has SQL Injection in the condition rule field, exploitable via front/rulesengine.test.php.

Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to DML.

OpenJPEG 2.3.0 has a NULL pointer dereference for "red" in the imagetopnm function of jp2/convert.c


Pages:      Start    537    538    539    540    541    542    543    544    545    546    547    548    549    550    ..   1512

© SecPod Technologies