[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 15134 Download | Alert*

An issue was discovered in the function mark_beginning_as_normal in nfa.cin flex 2.6.4. There is a stack exhaustion problem caused by the mark_beginning_as_normal function making recursive calls to itself in certain scenarios involving lots of "*" characters. Remote attackers could leverage this vulnerability to cause a denial-of-service.

A vulnerability was discovered in gdm before 3.31.4. When timed login is enabled in configuration, an attacker could bypass the lock screen by selecting the timed login user and waiting for the timer to expire, at which time they would gain access to the logged-in user"s session.

SchedMD Slurm before 17.11.13 and 18.x before 18.08.5 mishandles 32-bit systems.

ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php sort parameter.

A Denial of Service issue was discovered in the LIVE555 Strealibming-dev Media libraries as used in Live555 Media Server 0.93. It can cause an RTSP Server crash in handle HTTPCmd_Tunneling POST, when RTSP-over-HTTP tunneling is supported, via x-session cookie HTTP headers in a GET request and a POST request within the same TCP session. This occurs because of a call to an incorrect virtual function ...

skins/classic/views/control cap.php in ZoneMinder before 1.32.3 has XSS via the newControl array, as demonstrated by the newControl[MinTiltRange]parameter.

daemonControl in includes/functions.php in ZoneMinder before 1.32.3 allows command injection via shell metacharacters.

ZoneMinder before 1.32.3 has SQL Injection via the skins/classic/views/control.php groupSql parameter, as demonstrated by a newGroup[MonitorIds][] value.

Go before 1.10.8 and 1.11.x before 1.11.5 mishandles P-521 and P-384elliptic curves, which allows attackers to cause a denial of service or possibly conduct ECDH private key recovery attacks.

python3-sqlalchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the order_by parameter.


Pages:      Start    630    631    632    633    634    635    636    637    638    639    640    641    642    643    ..   1513

© SecPod Technologies