3642 matches found
SUSE CVE-2018-9259
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the MP4 dissector could crash. This was addressed in epan/dissectors/file-mp4.c by restricting the box recursion depth...
SUSE CVE-2018-18346
Incorrect handling of alert box display in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to present confusing browser UI via a crafted HTML page...
SUSE CVE-2019-19048
A memory leak in the cryptoreportstat function in drivers/virt/vboxguest/vboxguestutils.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service memory consumption by triggering copyformuser failures, aka CID-e0b0cb938864...
SUSE CVE-2020-19499
An issue was discovered in heif::Boxiref::getreferences in libheif 1.4.0, allows attackers to cause a Denial of Service or possibly other unspecified impact due to an invalid memory read...
SUSE CVE-2021-3467
A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.26 handled component references in CDEF box in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened...
SUSE CVE-2022-38725
An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected...
CVE-2023-21703
Azure Data Box Gateway Remote Code Execution Vulnerability...
CVE-2023-21703
Azure Data Box Gateway Remote Code Execution Vulnerability...
Remote code execution
Azure Data Box Gateway Remote Code Execution Vulnerability...
CVE-2023-21703 Azure Data Box Gateway Remote Code Execution Vulnerability
...
CVE-2023-21703 Azure Data Box Gateway Remote Code Execution Vulnerability
...
CVE-2023-21703
CVE-2023-21703 affects Azure Data Box Gateway. The connected documents describe a Remote Code Execution vulnerability caused by insufficient access restrictions in Azure Data Box Gateway, enabling an attacker to execute arbitrary code remotely. The issue is tracked across multiple sources, with M...
Azure Data Box Gateway Remote Code Execution Vulnerability
...
PT-2023-1426 · Microsoft · Azure Data Box Gateway
Name of the Vulnerable Software and Affected Versions: Azure Data Box Gateway affected versions not specified Description: The issue is related to insufficient access restrictions in Azure Data Box Gateway, which can be exploited by a remote attacker to execute arbitrary code. Recommendations: At...
Microsoft Azure Data Box Gateway 安全漏洞
Microsoft Azure is a suite of open, enterprise-grade cloud computing platforms from the U.S.-based Microsoft Corporation Microsoft. A security vulnerability exists in Microsoft Azure Data Box Gateway. The following products and versions are affected: Azure Data Box Gateway, Azure Stack Edge...
Vulnerabilities fixed in Microsoft Azure
Microsoft has fixed vulnerabilities in several components of Azure. For an overview of the vulnerabilities, see the following list. Azure App Service: |----------------|------|-------------------------------------| | CVE ID | CVSS | Impact |...
WordPress plugin Social Like Box and Page by WpDevArt 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
Forget Heart Message Box SQL Injection Vulnerability (CNVD-2023-08089)
Forget Heart Message Box is a message site. v1.1 of Forget Heart Message Box contains a security vulnerability that originates from a SQL injection vulnerability found through the name parameter in /admin/loginpost.php. No detailed vulnerability details are available at this time...
Forget Heart Message Box SQL Injection Vulnerability
Forget Heart Message Box is a messaging website. v1.1 of Forget Heart Message Box is vulnerable to SQL injection, which stems from a lack of validation of external input SQL statements in the name parameter of ca.php. An attacker could use this vulnerability to execute illegal SQL commands to ste...
Malicious Package
Overview make-box is a malicious package. It distributes Discord malware hosted on pastebin, that can steal important host information and credentials. Remediation Avoid using all malicious instances of the make-box package. Credit: Snyk Research Team...