[Forgot Password]
Login  Register Subscribe

25354

 
 

132811

 
 

146396

 
 

909

 
 

117043

 
 

156

 
 
Paid content will be excluded from the download.

Filter
Matches : 498 Download | Alert*

In QEMU 4.2.0, a MemoryRegionOps object may lack read/write callback methods, leading to a NULL pointer dereference.

On DrayTek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1, cgi-bin/mainfunction.cgi/cvmcfgupload allows remote command execution via shell metacharacters in a filename when the text/x-python-script content type is used, a different issue than CVE-2020-14472.

In MediaInfoLib in MediaArea MediaInfo 20.03, there is a stack-based buffer over-read in Streams_Fill_PerStream in Multiple/File_MpegPs.cpp (aka an off-by-one during MpegPs parsing).

The Nexos theme through 1.7 for WordPress allows top-map/?search_location= reflected XSS.

In the Linux kernel through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770.

The Nexos theme through 1.7 for WordPress allows side-map/?search_order= SQL Injection.

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a world-readable axess/opt/axXMPPHandler/config/xmpp_config.py file that stores hardcoded credentials.

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the axiros password for the root account.

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account within the /opt/mysql chroot directory tree.

Stash 1.0.3 allows SQL Injection via the downloadmp3.php download parameter.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   49

© SecPod Technologies