CVE-2019-19839

emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=import-category to admin/cmdstat.jsp via the uploadFile attribute...

CVE-2023-27368

NETGEAR RAX30 soapserverd Stack-based Buffer Overflow Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. The specific...

CVE-2023-27368 NETGEAR RAX30 soap_serverd Stack-based Buffer Overflow Authentication Bypass Vulnerability

NETGEAR RAX30 soapserverd Stack-based Buffer Overflow Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. The specific...

Ubuntu: Security Advisory (USN-4837-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2020-0049)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Open Source Security issues for NPS console.

Summary Fixed Open Source issues for listed CVEs for NPS console. Vulnerability Details CVEID: CVE-2018-19838 DESCRIPTION: LibSass is vulnerable to a denial of service, caused by a stack-based buffer overflow in the IMPLEMENTASTOPERATORS expansion in ast.cpp. By persuading a victim to open a...

Security Bulletin: OSS security Scan issues for Concerto installer.

Summary Fixed in IBM Netezza for Cloud Pak for Data 11.1.1.0 Vulnerability Details CVEID: CVE-2018-19838 DESCRIPTION: LibSass is vulnerable to a denial of service, caused by a stack-based buffer overflow in the IMPLEMENTASTOPERATORS expansion in ast.cpp. By persuading a victim to open a...

Updated libsass packages fix security vulnerabilities

Use-after-free vulnerability in sasscontext.cpp:handleerror CVE-2018-11499. Null pointer dereference in Sass::SelectorList::populateextends CVE-2018-19797. Use-after-free vulnerability exists in the SharedPtr class CVE-2018-19827. Stack overflow in Eval::operator CVE-2018-19837. Stack-overflow at...

CVE-2019-19839

emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=import-category to admin/cmdstat.jsp via the uploadFile attribute...

CVE-2019-19839

emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=import-category to admin/cmdstat.jsp via the uploadFile attribute...

CVE-2019-19839

CVE-2019-19839 affects Ruckus Wireless Unleashed emfd; a remote attacker can execute OS commands by sending a POST to admin/_cmdstat.jsp with xcmd=import-category via the uploadFile attribute. Root cause is improper handling of the xcmd=import-category parameter in emfd, enabling command executio...

openSUSE Security Update : libsass (openSUSE-2019-1791)

This update for libsass to version 3.6.1 fixes the following issues : Security issues fixed : - CVE-2019-6283: Fixed heap-buffer-overflow in Sass::Prelexer::parenthesescopechar const boo1121943. - CVE-2019-6284: Fixed heap-based buffer over-read exists in Sass:Prelexer:alternatives boo1121944. -...

openSUSE: Security Advisory for libsass (openSUSE-SU-2019:1791-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2018-19839

In LibSass prior to 3.5.5, the function handleerror in sasscontext.cpp allows attackers to cause a denial-of-service resulting from a heap-based buffer over-read via a crafted sass file...

CVE-2018-19839

In LibSass prior to 3.5.5, the function handleerror in sasscontext.cpp allows attackers to cause a denial-of-service resulting from a heap-based buffer over-read via a crafted sass file...