16 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-19252
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vcs_write in drivers/tty/vt/vc_screen.c in the Linux kernel through 5.3.13 does not prevent write access to vcsu devices, aka CID-0c9acb1af77a. CVE-2019-19252 Not...
Linux Distros Unpatched Vulnerability : CVE-2019-18675
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Linux kernel through 5.3.13 has a start_offset+size Integer Overflow in cpia2_remap_buffer in drivers/media/usb/cpia2/cpia2_core.c because cpia2 has its own mma...
SUSE CVE-2012-2311
sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that contain a %3D sequence but no = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options i...
Moderate: Red Hat Security Advisory: Openshift Logging 5.3.13 security and bug fix release
An update is now available for OpenShift Logging 5.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in th...
ai.test.sdk:test-ai-appium (>=0.0.1 <=0.1.0), app.commerce-io:spring-boot-starter-data-search-core (>=1.1.0 <=1.3.0-RC1) +7311 more potentially affected by CVE-2021-22060 via org.springframework:spring-core (>=5.3.0 <=5.3.13)
org.springframework:spring-core MAVEN version =5.3.0, =0.0.1, =1.1.0, =1.1.0, =0.0.1, =0.3.0, =1.13.0, =1.13.0, =1.3.2.RELEASE, =1.3.1.RELEASE, =1.3.1.RELEASE, =2.2.37, =0.5.3, =0.1.2, =0.1.8 and more Source cves: CVE-2021-22060 Source advisory: OSV:GHSA-6GF2-PVQW-37PH...
GHSA-6GF2-PVQW-37PH Log entry injection in Spring Framework
In Spring Framework versions 5.3.0 - 5.3.13, 5.2.0 - 5.2.18, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries. This is a follow-up to CVE-2021-22096 that protects against additional types of input and in more...
PT-2020-15862 · Synology · Music Station
Name of the Vulnerable Software and Affected Versions: Music Station versions prior to 5.3.12 Music Station versions prior to 5.3.13 Description: This issue allows remote attackers to inject malicious code through a cross-site scripting vulnerability in Music Station. Recommendations: For Music...
[SECURITY] Fedora 31 Update: kernel-5.3.13-300.fc31
The kernel meta package...
Linux Kernel Multiple Security Vulnerabilities
Description Linux Kernel is prone to the following security vulnerabilities: 1. A security-bypass vulnerability 2. A local privilege-escalation vulnerability An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions or gain elevated privileges...
Oracle MySQL Connectors CVE-2019-2920 Remote Security Vulnerability
Description Oracle MySQL Connectors is prone to a remote security vulnerability. The vulnerability can be exploited over the 'MySQL Protocol' Protocol. The 'Connector/ODBC' component is affected. This vulnerability affects the following supported versions: 5.3.13 and prior, 8.0.17 and prior...
MariaDB 5.3 < 5.3.13 Multiple DoS Vulnerabilities
The version of MariaDB 5.3 running on the remote host is a version prior to 5.3.13. It is, therefore, potentially affected by denial of service vulnerabilities due to errors related to the following : - Union queries - Join::prepare queries - NAME_CONST queries (C) Tenable Network Security, Inc...
PHP 'openssl_encrypt()' Function Information Disclosure Vulnerability - Windows
PHP is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...
CVE-2012-6113
This CVE affects PHP 5.3.9–5.3.13 where the openssl_encrypt() code path in ext/openssl/openssl.c fails to initialize a variable, enabling a remote attacker to read sensitive memory contents by supplying zero-length input data. The issue is a memory disclosure vulnerability. Public references indi...
PT-2013-1899 · Php · Php
Name of the Vulnerable Software and Affected Versions: PHP versions 5.3.9 through 5.3.13 Description: The issue concerns the openssl encrypt function, which fails to initialize a certain variable. This allows remote attackers to obtain sensitive information from process memory by providing zero...
PHP CGI Query String Parameters Command Execution
Added: 05/15/2012 CVE: CVE-2012-1823 BID: 53388 OSVDB: 81633 Background PHP is a widely used general-purpose scripting language that is especially suited for Web development. Problem When configured as a CGI script (aka php-cgi), PHP does not properly handle query string parameters which are passed...
PHP CGI Query String Parameters Command Execution
Added: 05/15/2012 CVE: CVE-2012-1823 BID: 53388 OSVDB: 81633 Background PHP is a widely used general-purpose scripting language that is especially suited for Web development. Problem When configured as a CGI script (aka php-cgi), PHP does not properly handle query string parameters which are passed...