12 matches found
CVE-2019-15779
The insta-gallery plugin before 2.4.8 for WordPress has no nonce validation for qliggdismissnotice or qliggformitemdelete...
SUSE CVE-2017-15779
XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Write Address starting at CADImage+0x00000000000034b0."...
CVE-2020-15779
A Path Traversal issue was discovered in the socket.io-file package through 2.0.31 for Node.js. The socket.io-file::createFile message uses path.join with ../ in the name option, and the uploadDir and rename options determine the path...
CVE-2020-15779
CVE-2020-15779: Path traversal in socket.io-file (Node.js) up to 2.0.31. The socket.io-file::createFile path uses path.join with ../ in the name, with uploadDir and rename options further determining the target path, enabling possible arbitrary file writes. Exploitation details are not provided i...
CVE-2020-15779
A Path Traversal issue was discovered in the socket.io-file package through 2.0.31 for Node.js. The socket.io-file::createFile message uses path.join with ../ in the name option, and the uploadDir and rename options determine the path...
@best/agent-hub (>=7.0.1 <=17.0.0), best (>=7.0.1 <=17.0.0) potentially affected by CVE-2020-15779 via socket.io-file (=2.0.31)
socket.io-file NPM version =2.0.31 is affected by a known vulnerability. The following packages have a transitive dependency on socket.io-file and may be impacted: - @best/agent-hub =7.0.1, =7.0.1, =17.0.0 Source cves: CVE-2020-15779 Source advisory: OSV:GHSA-9H4G-27M8-QJRG...
CVE-2019-15779
The insta-gallery plugin before 2.4.8 for WordPress has no nonce validation for qliggdismissnotice or qliggformitemdelete...
CVE-2019-15779
The CVE-2019-15779 entry concerns the WordPress insta-gallery plugin prior to version 2.4.8, which has no nonce validation for qligg_dismiss_notice or qligg_form_item_delete. Consequence per sources indicates lack of CSRF/authorization checks could allow unauthorized actions, including potential ...
CVE-2019-15779
The insta-gallery plugin before 2.4.8 for WordPress has no nonce validation for qliggdismissnotice or qliggformitemdelete...
CVE-2018-15779
...
CVE-2018-15779
CVE-2018-15779 entry is rejected/not used as stated in the description.
CVE-2017-15779
CVE-2017-15779 affects XnView Classic for Windows 2.43. A buffer overflow in the .dwg file handling can allow arbitrary code execution or a denial of service via a specially crafted .dwg, related to memory corruption around Data from Faulting Address controlling subsequent Write Address at CADIma...