OIC Exponent CMS 输入验证错误漏洞

OIC Exponent CMS is a free, open source modular content management system CMS based on PHP from OIC, USA. The system supports direct editing in the page and provides user management, site configuration, content editing and other functions. An input validation error vulnerability exists in Exponen...

OIC Exponent CMS 输入验证错误漏洞

OIC Exponent CMS is a free, open source modular content management system CMS based on PHP from OIC, USA. The system supports direct editing in the page and provides user management, site configuration, content editing and other functions. An input validation error vulnerability exists in Exponen...

OIC Exponent CMS 输入验证错误漏洞

OIC Exponent CMS is a free, open source modular content management system CMS based on PHP from OIC, USA. The system supports direct editing in the page and provides user management, site configuration, content editing and other functions. An input validation error vulnerability exists in Exponen...

OIC Exponent CMS 输入验证错误漏洞

OIC Exponent CMS is a free, open source modular content management system CMS based on PHP from OIC, USA. The system supports direct editing in the page and provides user management, site configuration, content editing and other functions. An input validation error vulnerability exists in Exponen...

OIC Exponent CMS 输入验证错误漏洞

OIC Exponent CMS is a free, open source modular content management system CMS based on PHP from OIC, USA. The system supports direct editing in the page and provides user management, site configuration, content editing and other functions. An input validation error vulnerability exists in Exponen...

Design/Logic Flaw

A flaw was found in ImageMagick in MagickCore/quantum-export.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned long long as well as a shift exponent that is too large for 64-bit type...

CVE-2020-27751

A flaw was found in ImageMagick in MagickCore/quantum-export.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned long long as well as a shift exponent that is too large for 64-bit type...

CVE-2020-26939

In Legion of the Bouncy Castle BC before 1.61 and BC-FJA before 1.0.1.2, attackers can obtain sensitive information about a private exponent because of Observable Differences in Behavior to Error Inputs. This occurs in org.bouncycastle.crypto.encodings.OAEPEncoding. Sending invalid ciphertext tha...

DEBIAN-CVE-2020-26939

In Legion of the Bouncy Castle BC before 1.61 and BC-FJA before 1.0.1.2, attackers can obtain sensitive information about a private exponent because of Observable Differences in Behavior to Error Inputs. This occurs in org.bouncycastle.crypto.encodings.OAEPEncoding. Sending invalid ciphertext tha...

CVE-2020-26939

In Legion of the Bouncy Castle BC before 1.61 and BC-FJA before 1.0.1.2, attackers can obtain sensitive information about a private exponent because of Observable Differences in Behavior to Error Inputs. This occurs in org.bouncycastle.crypto.encodings.OAEPEncoding. Sending invalid ciphertext tha...

UBUNTU-CVE-2020-26939

In Legion of the Bouncy Castle BC before 1.61 and BC-FJA before 1.0.1.2, attackers can obtain sensitive information about a private exponent because of Observable Differences in Behavior to Error Inputs. This occurs in org.bouncycastle.crypto.encodings.OAEPEncoding. Sending invalid ciphertext tha...

CVE-2020-26939

In Legion of the Bouncy Castle BC before 1.61 and BC-FJA before 1.0.1.2, attackers can obtain sensitive information about a private exponent because of Observable Differences in Behavior to Error Inputs. This occurs in org.bouncycastle.crypto.encodings.OAEPEncoding. Sending invalid ciphertext tha...

CVE-2020-26939

In Legion of the Bouncy Castle BC before 1.61 and BC-FJA before 1.0.1.2, attackers can obtain sensitive information about a private exponent because of Observable Differences in Behavior to Error Inputs. This occurs in org.bouncycastle.crypto.encodings.OAEPEncoding. Sending invalid ciphertext tha...

Multiple packages on Sun Solaris including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier SDK and JRE 1.4.x up to 1.4.2_12 and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5) Secure Global Desktop; and (6) StarOffice when using an RSA key with exponent 3 removes PKCS-1 padding before generating a hash which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents these products from correctly verifying X.509 and other certificates that use PKCS #1.

...

CVE-2011-4121

The OpenSSL extension of Ruby Git trunk versions after 2011-09-01 up to 2011-11-03 always generated an exponent value of '1' to be used for private RSA key generation. A remote attacker could use this flaw to bypass or corrupt integrity of services, depending on strong private RSA keys generation...

CVE-2011-4121

The OpenSSL extension of Ruby Git trunk versions after 2011-09-01 up to 2011-11-03 always generated an exponent value of '1' to be used for private RSA key generation. A remote attacker could use this flaw to bypass or corrupt integrity of services, depending on strong private RSA keys generation...

Private Ruby OpenSSL RSA key generation is always "1"

The OpenSSL extension of Ruby Git trunk versions after 2011-09-01 up to 2011-11-03 always generated an exponent value of '1' to be used for private RSA key generation. A remote attacker could use this flaw to bypass or corrupt integrity of services, depending on strong private RSA keys generation...

OIC Exponent CMS SQL Injection Vulnerability (CNVD-2019-16421)

OIC Exponent CMS is a free, open source modular content management system CMS based on PHP from OIC, USA. The system supports direct editing in the page and provides user management, site configuration, content editing and other functions. A SQL injection vulnerability exists in the...

Design/Logic Flaw

Exponent CMS version 2.3.9 suffers from a Object Injection vulnerability in framework/modules/core/controllers/expTagController.php related to changetags...

CVE-2016-8900

Exponent CMS version 2.3.9 suffers from a Object Injection vulnerability in framework/modules/core/controllers/expTagController.php related to changetags...