PT-2015-3090 · Sap · Sap Hana

Name of the Vulnerable Software and Affected Versions: SAP HANA affected versions not specified Description: The issue is related to incorrect code generation management in the SAP HANA database management system. It allows a remote attacker to inject arbitrary ABAP code. The Extended Application...

OpenJDK: code generation issue (Hotspot, 8064524)

A flaw was found in the way the Hotspot component in OpenJDK in the way this component generated code for bytecode. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions...

UBUNTU-CVE-2014-3152

Integer underflow in the LCodeGen::PrepareKeyedOperand function in arm/lithium-codegen-arm.cc in Google V8 before 3.25.28.16, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a...

UBUNTU-CVE-2014-1733

The PointerCompare function in codegen.cc in Seccomp-BPF, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly merge blocks, which might allow remote attackers to bypass intended sandbox restrictions by leveraging renderer access...

ecshop找回密码功能存在安全隐患

简要描述： 可能随时都能重置用户密码问题 详细说明： user.php 740行 / 修改会员密码 / elseif $action == 'acteditpassword' includeonceROOTPATH . 'includes/libpassport.php'; $oldpassword = isset$POST'oldpassword' ? trim$POST'oldpassword' : null; $newpassword = isset$POST'newpassword' ? trim$POST'newpassword' : ''; $userid =...

PHP-Fusion: source code security analysis report

Several vulnerabilities were discovered in PHP-Fusion 'PHP-Fusion' software: Incorrect User Input Filtration when Connecting to External Files File System Path Manipulation Incorrect User Input Filtration when Using Regular Expressions while Calling the pregreplace Function Using Insufficiently...

samba: Multiple heap-based buffer overflows in memory management based on NDR marshalling code output

The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call...

ThinkSNS and an arbitrary file upload vulnerability-vulnerability warning-the black bar safety net

A module is not the uploaded file type validation. You can upload any file The code generated location apps\wap\Lib\Action\IndexAction.class.php 2 6 3 row if! empty$FILES'pic''name' // automatically send one picture to Twitter $data'pic' = $FILES'pic'; $data'content' = 'photo-sharing'; $data'from...

Fedora 15 : nip2-7.24.2-1.fc15 / vips-7.24.7-2.fc15 (2011-10808)

7.24 series. Run-time code generation Open via disc mode Workspace as Graph mode for nip2 FITS image format VIPS rewrite Better nibs in paintbox Better TIFF and JPEG load Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory...

Fedora 14 : nip2-7.24.2-1.fc14 / vips-7.24.7-2.fc14 (2011-10781)

7.24 series. Run-time code generation Open via disc mode Workspace as Graph mode for nip2 FITS image format VIPS rewrite Better nibs in paintbox Better TIFF and JPEG load Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory...

bozotic HTTP server Denial of Service Vulnerability

This host is running bozotic HTTP server and is prone to Denial of Service Vulnerability OpenVAS Vulnerability Test $Id: gbbozotichttpserverdosvuln.nasl 5263 2017-02-10 13:45:51Z teissa $ bozotic HTTP server Denial of Service Vulnerability Authors: Sooraj KS Copyright: Copyright c 2010 Greenbone...

bozotic HTTP server Denial of Service Vulnerability

bozotic HTTP server is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2010-2195

bozotic HTTP server aka bozohttpd 20090522 through 20100512 allows attackers to cause a denial of service via vectors related to a "wrong code generation interaction with GCC."...

Mandrake Security Advisory MDVSA-2009:162 (java-1.6.0-openjdk)

The remote host is missing an update to java-1.6.0-openjdk announced via advisory MDVSA-2009:162. OpenVAS Vulnerability Test $Id: mdksa2009162.nasl 6587 2017-07-07 06:35:35Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:162 java-1.6.0-openjdk Authors: Thomas Reinke Copyright:...

Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2009:137)

Multiple security vulnerabilities has been identified and fixed in Little cms library embedded in OpenJDK : A memory leak flaw allows remote attackers to cause a denial of service memory consumption and application crash via a crafted image file CVE-2009-0581. Multiple integer overflows allow...

OpenJDK code generation vulnerability (6636360)

Unspecified vulnerability in the Virtual Machine in Java SE Development Kit JDK and Java Runtime Environment JRE 6 Update 12 and earlier allows remote attackers to access files and execute arbitrary code via unknown vectors related to "code generation."...

OpenJDK code generation vulnerability (6636360)

Unspecified vulnerability in the Virtual Machine in Java SE Development Kit JDK and Java Runtime Environment JRE 6 Update 12 and earlier allows remote attackers to access files and execute arbitrary code via unknown vectors related to "code generation."...

CVE-2009-1102

Unspecified vulnerability in the Virtual Machine in Java SE Development Kit JDK and Java Runtime Environment JRE 6 Update 12 and earlier allows remote attackers to access files and execute arbitrary code via unknown vectors related to "code generation."...

CVE-2009-1102

Unspecified vulnerability in the Virtual Machine in Java SE Development Kit JDK and Java Runtime Environment JRE 6 Update 12 and earlier allows remote attackers to access files and execute arbitrary code via unknown vectors related to "code generation."...

CVE-2009-1102

Technical details about CVE-2009-1102 are not provided in the connected documents. Please monitor for updates from vendors and security advisories.