10 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-25026
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can add the Send marker trait to an object that cannot be sent between threads safely,...
Out-of-bounds Write in actix-web
An issue was discovered in the actix-web crate before 0.7.19 for Rust. It can unsoundly coerce an immutable reference into a mutable reference, leading to memory corruption...
Out-of-bounds Write in actix-web
An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can add the Send marker trait to an object that cannot be sent between threads safely, leading to memory corruption...
UBUNTU-CVE-2018-25024
An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly coerce an immutable reference into a mutable reference, leading to memory corruption...
CVE-2018-25026
An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can add the Send marker trait to an object that cannot be sent between threads safely, leading to memory corruption...
Rust actix-web crate 缓冲区错误漏洞
Rust actix-web crate is a Rust web framework. a security vulnerability exists in versions of Rust actix-web crate prior to 0.7.15, which stems from the fact that it can unreasonably prolong the life cycle of a string, which can be exploited by an attacker to cause memory corruption...
Rust actix-web crate 缓冲区错误漏洞
Rust actix-web crate is a Rust web framework. security vulnerability exists in Mozilla Rust actix-web crate versions prior to 0.7.15, which can be exploited by attackers to cause memory corruption...
CVE-2009-1409
SQL injection vulnerability in usersettings.php in e107 0.7.15 and earlier, when "Extended User Fields" is enabled and magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the hide parameter, a different vector than CVE-2005-4224 and CVE-2008-5320...
CVE-2009-1409
SQL injection vulnerability in usersettings.php in e107 0.7.15 and earlier, when "Extended User Fields" is enabled and magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the hide parameter, a different vector than CVE-2005-4224 and CVE-2008-5320...
CVE-2009-1409
The CVE-2009-1409 entry describes an SQL injection in e107 (versions up to 0.7.15 and earlier) affecting usersettings.php when Extended User Fields is enabled and magic_quotes_gpc is disabled. An attacker can craft the hide parameter to execute arbitrary SQL commands remotely. The description spe...