6 matches found
CVE-2019-16317
In Pimcore before 5.7.1, an attacker with limited privileges can trigger execution of a .phar file via a phar:// URL in a filename parameter, because PHAR uploads are not blocked and are reachable within the phar://../../../../../../../../var/www/html/web/var/assets/ directory, a different...
CVE-2019-16317
creationtimestamp | type | source
---|---|---
2023-12-25 09:26:45+00:00 | seen | https://t.me/ctinow/159167...
CVE-2017-16317
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker...
CVE-2017-16317
CVE-2017-16317 affects Insteon Hub (firmware 1012) via the PubNub message handler on channel cc. The vulnerability is a set of stack-based buffer overflows caused by unconstrained strcpy calls when parsing JSON commands (e.g., s_sonos, s_auth, g_group, etc.). An authenticated HTTP request can tri...
CVE-2019-16317
CVE-2019-16317 targets Pimcore before 5.7.1. Affected component/issue: PHAR upload handling, where a filename parameter can be used with a phar:// URL to trigger execution of a .phar file. Attacker with limited privileges can exploit this to achieve code execution, with uploads reachable within t...
Fedora Update for polarssl FEDORA-2013-16317
The remote host is missing an update for the ...