USN-8156-1 gdk-pixbuf vulnerability

It was discovered that GDK-PixBuf incorrectly handled certain JPEG files. An attacker could use this issue to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly execute arbitrary code...

CVE-2019-8156

A server-side request forgery SSRF vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with admin privileges to modify store configurations can manipulate the connector api endpoint to enable remote code execution...

CVE-2019-8156

creationtimestamp| type| source ---|---|--- 2024-02-05 08:41:26+00:00| seen| https://t.me/ctinow/179039...

CVE-2016-8156

CVE-2016-8156 is rejected/not used and does not represent an active vulnerability entry.

CVE-2016-8156

...

Fedora: Security Advisory for nextcloud (FEDORA-2020-c9863904de)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora 32 : nextcloud (2020-c9863904de)

Update to Nextcloud 18.0.9, fixes CVE-2020-81-39, CVE-2020-8173, CVE-2020-8183, CVE-2020-8223, CVE-2020-8154, CVE-2020-8155. Updating the Mail & Groupfolders apps from within Nextcloud also fixes CVE-2020-8153, CVE-2020-8156 Note that Tenable Network Security has extracted the preceding descripti...

CVE-2020-8156

A missing verification of the TLS host in Nextcloud Mail 1.1.3 allowed a man in the middle attack...

CVE-2020-8156

A missing verification of the TLS host in Nextcloud Mail 1.1.3 allowed a man in the middle attack...

CVE-2020-8156

A missing verification of the TLS host in Nextcloud Mail 1.1.3 allowed a man in the middle attack...

CVE-2020-8156

CVE-2020-8156: Nextcloud Mail 1.1.3 has missing TLS host verification, enabling a man-in-the-middle attack. Affected component: Nextcloud Mail 1.1.3. Root cause: inadequate TLS host verification. Impact: potential eavesdropping/alteration of mail data (confidentiality/integrity) and partial avail...

CVE-2019-8156

CVE-2019-8156 describes a server-side request forgery (SSRF) in Magento 2.x prior to specific patch levels. An authenticated admin user can modify the connector API endpoint to trigger remote code execution. Affected versions include Magento 2.2 before 2.2.10 and Magento 2.3 before 2.3.3 or 2.3.2...

CVE-2018-8156

CVE-2018-8156 is a Microsoft SharePoint Server elevation-of-privilege issue. Connected sources confirm the vulnerability arises when SharePoint Server (and related Project Server variants) fails to properly filter specially crafted web requests, enabling an attacker to escalate privileges. Severa...

Microsoft SharePoint Server CVE-2018-8156 Remote Privilege Escalation Vulnerability

Description Microsoft SharePoint Server is prone to a remote privilege-escalation vulnerability because it fails to properly sanitize user-supplied input. An attacker may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Microsof...

KLA11243 Multiple vulnerabilities in Microsoft Office

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, bypass security restrictions and gain privileges. Below is a complete list of vulnerabilities: 1. An incorrect handling ...

CVE-2017-8156

CVE-2017-8156 is a no-authentication serial-port vulnerability in Huawei CPE outdoor unit B2338-168 V100R001C00. The issue allows an attacker with physical access to log in to the device via the serial console and take control of the outdoor unit. The Huawei PSIRT advisory confirms two related vu...

CVE-2014-8156

The D-Bus security policy files in /etc/dbus-1/system.d/.conf in fso-gsmd 0.12.0-3, fso-frameworkd 0.9.5.9+git20110512-4, and fso-usaged 0.12.0-2 as packaged in Debian, the upstream cornucopia.git fsoaudiod, fsodatad, fsodeviced, fsogsmd, fsonetworkd, fsotdld, fsousaged git master on 2015-01-19,...

CVE-2014-8156

CVE-2014-8156 affects D-Bus system service policy handling in fso-gsmd, fso-frameworkd, fso-usaged and related up-stream modules (cornucopia.git, framework.git) on Debian/Ubuntu. The vulnerability stems from improper filtering of D-Bus message paths in /etc/dbus-1/system.d/*.conf, enabling a loca...

CVE-2014-8156

The D-Bus security policy files in /etc/dbus-1/system.d/.conf in fso-gsmd 0.12.0-3, fso-frameworkd 0.9.5.9+git20110512-4, and fso-usaged 0.12.0-2 as packaged in Debian, the upstream cornucopia.git fsoaudiod, fsodatad, fsodeviced, fsogsmd, fsonetworkd, fsotdld, fsousaged git master on 2015-01-19,...

CVE-2014-8156

Removed by vendor...