18 matches found
CVE-2019-18409
The ruby_parser-legacy (aka legacy) gem 1.0.0 for Ruby allows local privilege escalation because of world-writable files. For example, if the brakeman gem (which has a legacy dependency) 4.5.0 through 4.7.0 is used, a local user can insert malicious code into the...
CVE-2020-18409
Cross Site Request Forgery (CSRF) vulnerability was discovered in CatfishCMS 4.8.63 that would allow attackers to obtain administrator permissions via /index.php/admin/index/modifymanage.html...
CVE-2019-18409
creationtimestamp | type | source
---|---|---
2024-01-27 10:41:41+00:00 | seen | https://t.me/ctinow/174732...
CVE-2020-18409
CVE-2020-18409 is a CSRF vulnerability in CatfishCMS 4.8.63 that could let an attacker obtain administrator permissions via /index.php/admin/index/modifymanage.html. Connected sources confirm the affected product/version and the admin-privilege impact, with at least one report indicating exploita...
CVE-2019-18409
The ruby_parser-legacy (aka legacy) gem 1.0.0 for Ruby allows local privilege escalation because of world-writable files. For example, if the brakeman gem (which has a legacy dependency) 4.5.0 through 4.7.0 is used, a local user can insert malicious code into the...
CVE-2019-18409
The ruby_parser-legacy (aka legacy) gem 1.0.0 for Ruby allows local privilege escalation because of world-writable files. For example, if the brakeman gem (which has a legacy dependency) 4.5.0 through 4.7.0 is used, a local user can insert malicious code into the...
CVE-2019-18409
The CVE-2019-18409 entry concerns the ruby_parser-legacy gem (version 1.0.0) for Ruby, where local privilege escalation is possible due to world-writable files. The Red Hat and other sources reiterate that, for example, if the brakeman gem (with legacy dependency) versions 4.5.0–4.7.0 are used, a...
CVE-2019-18409
The ruby_parser-legacy (aka legacy) gem 1.0.0 for Ruby allows local privilege escalation because of world-writable files. For example, if the brakeman gem (which has a legacy dependency) 4.5.0 through 4.7.0 is used, a local user can insert malicious code into the...
Updated tcpflow packages fix security vulnerability
Updated tcpflow package fixes security vulnerability: A stack-based buffer over-read exists in setbit() at iptree.h of TCPFLOW 1.5.0, due to received incorrect values causing incorrect computation, leading to denial of service during an address_histogram call or a get_histogram call (CVE-2018-18409)...
MGASA-2019-0264 Updated tcpflow packages fix security vulnerability
Updated tcpflow package fixes security vulnerability: A stack-based buffer over-read exists in setbit() at iptree.h of TCPFLOW 1.5.0, due to received incorrect values causing incorrect computation, leading to denial of service during an address_histogram call or a get_histogram call (CVE-2018-18409)...
CVE-2017-18409
In this CVE, the affected software is cPanel prior to 67.9999.103. The backup interface could return a backup archive containing all MySQL databases (SEC-283), indicating an information disclosure vulnerability in the backup generation process. The available sources do not specify the exact root ...
Fedora Update for tcpflow FEDORA-2019-2c020ccbd5
The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 30 : tcpflow (2019-ea0f30909a)
Update tcpflow to 1.5.2 tag at github, fixing a security issue. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Fedora 28 : tcpflow (2019-8cdd669aca)
Update tcpflow to 1.5.2 tag at github, fixing a security issue. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...
DEBIAN-CVE-2018-18409
A stack-based buffer over-read exists in setbit() at iptree.h of TCPFLOW 1.5.0, due to received incorrect values causing incorrect computation, leading to denial of service during an address_histogram call or a get_histogram call...
CVE-2018-18409
A stack-based buffer over-read exists in setbit() at iptree.h of TCPFLOW 1.5.0, due to received incorrect values causing incorrect computation, leading to denial of service during an address_histogram call or a get_histogram call...
CVE-2018-18409
A stack-based buffer over-read exists in setbit() at iptree.h of TCPFLOW 1.5.0, due to received incorrect values causing incorrect computation, leading to denial of service during an address_histogram call or a get_histogram call...
CVE-2018-18409
A stack-based buffer over-read exists in setbit() at iptree.h of TCPFLOW 1.5.0, due to received incorrect values causing incorrect computation, leading to denial of service during an address_histogram call or a get_histogram call...