[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 27003 Download | Alert*

Use-after-free vulnerability in the CURLFile implementation in ext/curl/curl_file.c in PHP before 5.6.27 and 7.x before 7.0.12 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that is mishandled during __wakeup processing.

Integer overflow in the gdImageWebpCtx function in gd_webp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP through 7.0.11, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted imagewebp and imagedestroy calls.

In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code execution.

Mozilla Thunderbird 68.1 : Encrypted S/MIME parts in a crafted multipart/alternative message can leak plaintext when included in a a HTML reply/forward.

The host is installed with Oracle Java SE through 11.0.4 or 13 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to 2D. Successful exploitation allows attackers to affect availability.

The host is installed with Oracle MySQL Server through 5.5.51, 5.6.32 or 5.7.14 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Server: Error Handling. Successful exploitation allows attackers to affect Confidentiality, Integrity and Availability.

The host is installed with OpenSSH 5.7 through 8.4 and is prone to an information disclosure vulnerability. A flaw is present in application, which fails to handle algorithm negotiation. Successful exploitation could allows man-in-the-middle attackers to target initial connection attempts.

The host is installed with OpenSSH before 7.4 and is prone to a NULL pointer dereference vulnerability. A flaw is present in the application, which fails to properly handle an issue in sshd. Successful exploitation could allow remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message.

When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. This may lead to disclosing contents of the stack that has been left there by previous code.

The host is installed with Google Chrome before 50.0.2661.75 and is prone to multiple unspecified vulnerabilities. The flaws are present in the application, which fails to handle unknown vectors. Successful exploitation allow attackers to cause a denial service or possibly have other impact.


Pages:      Start    1236    1237    1238    1239    1240    1241    1242    1243    1244    1245    1246    1247    1248    1249    ..   2700

© SecPod Technologies