
31 matches found

Tenable Nessus
added 2024/06/03 12:0 a.m. · 24 views

RHEL 8 : cfitsio (Unpatched Vulnerability)

The remote Red Hat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - cfitsio: Stack-based buffer overflow in ffghtb allows for potential code execution (CVE-2018-3849) - In the...

CVSS 8.8 · AI score 9.5 · EPSS 0.0179
Exploits: 3 · References: 3

Tenable Nessus
added 2024/05/11 12:0 a.m. · 32 views

RHEL 8 : cfitsio (Unpatched Vulnerability)

The remote Red Hat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - cfitsio: Stack-based buffer overflow in ffghtb allows for potential code execution (CVE-2018-3849) - In the...

AI score 9.5 · EPSS 0.0179
Exploits: 3 · References: 3

Cvelist
added 2023/05/01 2:0 a.m. · 14 views

CVE-2015-10105 IP Blacklist Cloud Plugin CSV File Import ip_blacklist_cloud.php valid_js_identifier path traversal

A vulnerability, which was classified as critical, was found in IP Blacklist Cloud Plugin up to 3.42 on WordPress. This affects the function valid_js_identifier of the file ip_blacklist_cloud.php of the component CSV File Import. The manipulation of the argument filename leads to path traversal. It i...

CVSS 6.5 · AI score 9.6 · EPSS 0.00905
Exploits: 0 · References: 4

Positive Technologies
added 2023/05/01 12:0 a.m. · 2 views

PT-2023-10284 · WordPress · Ip Blacklist Cloud Plugin

Name of the Vulnerable Software and Affected Versions: IP Blacklist Cloud Plugin versions up to 3.42. Description: A critical vulnerability was found in the IP Blacklist Cloud Plugin on WordPress, affecting the valid_js_identifier function of the ip_blacklist_cloud.php file in the CSV File Import...

CVSS 9.8 · AI score 7.2 · EPSS 0.00905
Exploits: 0 · References: 9

SUSE CVE
added 2023/02/15 4:32 a.m. · 2 views

SUSE CVE-2018-3847

Multiple exploitable buffer overflow vulnerabilities exist in image parsing functionality of the CFITSIO library version 3.42. Specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this...

CVSS 8.8 · AI score 9.3 · EPSS 0.00479
Exploits: 1 · References: 6

CNNVD
added 2022/12/05 12:0 a.m. · 1 views

WordPress plugin WPUpper Share Buttons Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...

CVSS 4.8 · AI score 5 · EPSS 0.00314
Exploits: 1 · References: 2

Patchstack
added 2022/11/10 12:0 a.m. · 20 views

WordPress WPUpper Share Buttons plugin <= 3.42 - Auth. Stored Cross-Site Scripting (XSS) vulnerability

Auth. Stored Cross-Site Scripting (XSS) vulnerability discovered by zhangyunpei in WordPress WPUpper Share Buttons plugin versions <= 3.42. Solution: Deactivate and delete. This plugin has been closed as of November 9, 2022 and is not available for download. This closure is temporary, pending a full...

AI score 1.7 · EPSS 0.00314
Exploits: 1 · References: 1 · Affected Software: 1

CNNVD
added 2022/08/01 12:0 a.m. · 1 views

Sourcegraph Security Vulnerability

Sourcegraph is an open source code search and navigation tool from Sourcegraph, Inc. engine is an OpenSSL reference implementation of the GOST encryption algorithm. A security vulnerability exists in Sourcegraph versions prior to 3.42, which stems from the ability of an authenticated Sourcegraph...

CVSS 6.4 · AI score 5.8 · EPSS 0.00143
Exploits: 0 · References: 3

RedhatCVE
added 2019/05/14 12:0 p.m. · 20 views

CVE-2018-3849

In the ffghtb function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution...

CVSS 8.8 · AI score 7.1 · EPSS 0.01639
Exploits: 1 · References: 2

OSV
added 2019/02/12 10:29 p.m. · 3 views

CVE-2018-19020

When CX-Supervisor Versions 3.42 and prior processes project files and tampers with the value of an offset, an attacker can force the application to read a value outside of an array...

CVSS 5 · AI score 5.8
Exploits: 0 · References: 1

NVD
added 2019/02/12 10:29 p.m. · 7 views

CVE-2018-19020

When CX-Supervisor Versions 3.42 and prior processes project files and tampers with the value of an offset, an attacker can force the application to read a value outside of an array...

CVSS 5 · AI score 5.7 · EPSS 0.00149
Exploits: 0 · References: 1

Cvelist
added 2019/02/12 10:0 p.m. · 14 views

CVE-2018-19020

When CX-Supervisor Versions 3.42 and prior processes project files and tampers with the value of an offset, an attacker can force the application to read a value outside of an array...

AI score 5 · EPSS 0.00149
Exploits: 0 · References: 1

OSV
added 2019/01/28 7:29 p.m. · 2 views

CVE-2018-19015

An attacker could inject commands to launch programs and create, write, and read files on CX-Supervisor Versions 3.42 and prior through a specially crafted project file. An attacker could exploit this to execute code under the privileges of the application...

CVSS 7.3 · AI score 6 · EPSS 0.00173
Exploits: 0 · References: 2

OSV
added 2019/01/22 8:29 p.m. · 1 views

CVE-2018-19013

An attacker could inject commands to delete files and/or delete the contents of a file on CX-Supervisor Versions 3.42 and prior through a specially crafted project file...

CVSS 5 · AI score 5.8 · EPSS 0.00092
Exploits: 0 · References: 2

NVD
added 2019/01/22 8:29 p.m. · 11 views

CVE-2018-19011

CX-Supervisor Versions 3.42 and prior can execute code that has been injected into a project file. An attacker could exploit this to execute code under the privileges of the application...

CVSS 8.8 · AI score 7.8 · EPSS 0.00506
Exploits: 0 · References: 2

Cvelist
added 2019/01/22 8:0 p.m. · 12 views

CVE-2018-19019

A type confusion vulnerability exists when processing project files in CX-Supervisor Versions 3.42 and prior. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application...

AI score 7.2 · EPSS 0.0018
Exploits: 0 · References: 2

CNVD
added 2019/01/18 12:0 a.m. · 1 views

Omron CX-Supervisor Command Injection Vulnerability (NVD-C-2019-12033)

Omron CX-Supervisor is a powerful and advanced machine visualization software package that provides a very flexible PC-based HMI environment. A command injection vulnerability exists in Omron CX-Supervisor 3.42 and earlier versions, which can be exploited by an attacker to inject commands via a...

CVSS 7.3 · AI score 8 · EPSS 0.00173
Exploits: 0 · References: 1

CNVD
added 2019/01/18 12:0 a.m. · 1 views

Omron CX-Supervisor Code Injection Vulnerability

Omron CX-Supervisor is a powerful and advanced machine visualization software package that provides a very flexible PC-based HMI environment. A code injection vulnerability exists in Omron CX-Supervisor 3.42 and earlier versions, which can be exploited by an attacker to inject code into a project...

CVSS 8.8 · AI score 7.7 · EPSS 0.00506
Exploits: 0 · References: 1

CNVD
added 2019/01/18 12:0 a.m. · 1 views

Omron CX-Supervisor Type Obfuscation Vulnerability

Omron CX-Supervisor is a powerful and advanced machine visualization software package that provides a very flexible PC-based HMI environment. A type obfuscation vulnerability exists in Omron CX-Supervisor 3.42 and earlier versions, which can be exploited by an attacker to execute code with...

CVSS 7.3 · AI score 7.4 · EPSS 0.0018
Exploits: 0 · References: 1

CNVD
added 2018/08/02 12:0 a.m. · 3 views

Multiple Buffer Overflow Vulnerabilities in CFITSIO

The CFITSIO library is a C library for reading and writing data files in the FITS (Flexible Image Transfer System) data format. Multiple buffer overflow vulnerabilities exist in the image parsing functionality in CFITSIO library version 3.42. An attacker can exploit this vulnerability by sending a speciall...

CVSS 8.8 · AI score 9.2 · EPSS 0.00479
Exploits: 1 · References: 1