Django < 2.16 Uncontrolled Memory Consumption Vulnerability - Windows
Django is prone to an uncontrolled memory consumption vulnerability.
Denial Of Service (DoS)
kernel-rt is vulnerable to denial of service (DoS) attacks. The vulnerability exists as the mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel through 4.8.11 does not ensure that memory is allocated for limb data, which allows local users to cause a denial of service (stack memory corruption...
CVE-2018-16151
In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data after the encoded algorithm OID during PKCS#1 v1.5 signature verification. Similar to the flaw in the same version of strongSwa...
Debian DSA-4305-1 : strongswan - security update
Sze Yiu Chau and his team from Purdue University and The University of Iowa found several issues in the gmp plugin for strongSwan, an IKE/IPsec suite. Problems in the parsing and verification of RSA signatures could lead to a Bleichenbacher-style low-exponent signature forgery in certificates and...
[SECURITY] [DSA 4305-1] strongswan security update
Debian Security Advisory DSA-4305-1 [email protected] https://www.debian.org/security/ Yves-Alexis Perez September 24, 2018 https://www.debian.org/security/faq -...
UBUNTU-CVE-2018-16151
In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data after the encoded algorithm OID during PKCS#1 v1.5 signature verification. Similar to the flaw in the same version of strongSwa...
Exponent CMS 2.4.1 Patch 5 - Privilege Escalation Vulnerability
Exponent CMS allows rogue admins to elevate their privileges.
Unspecified Vulnerability in OIC Exponent CMS
OIC Exponent CMS is a free, open source modular content management system (CMS) based on PHP from the OIC Group of companies in the United States. The system supports direct editing in the page, and provides user management, site configuration, content editing and other functions. A security...
Exponent CMS 2.3.9 Multiple Vulnerabilities
Exponent CMS is prone to multiple vulnerabilities that have their source in the Pixidou Image Editor component.
Exponent CMS 2.3 Multiple File Upload Vulnerabilities
Exponent CMS 2.3 is prone to multiple vulnerabilities due to oversights in the file upload functionality.
CVE-2016-7443
Exponent CMS 2.3.0 through 2.3.9 allows remote attackers to have unspecified impact via vectors related to "uploading files to wrong location."...
Design/Logic Flaw
Exponent CMS 2.3.0 through 2.3.9 allows remote attackers to have unspecified impact via vectors related to "uploading files to wrong location."...
CVE-2016-7443
Exponent CMS 2.3.0 through 2.3.9 allows remote attackers to have unspecified impact via vectors related to "uploading files to wrong location."...
CVE-2016-7443
CVE-2016-7443 affects Exponent CMS, versions 2.3.0 to 2.3.9. The issue is a vulnerable file upload path that could allow a remote attacker to impact the system via uploading files to the wrong location. The vulnerability description is supported by multiple feeds and references, indicating a secu...
CVE-2016-7443
Exponent CMS 2.3.0 through 2.3.9 allows remote attackers to have unspecified impact via vectors related to "uploading files to wrong location."...
OIC Exponent CMS Elevation of Privilege Vulnerability
OIC Exponent CMS is a free, open source modular content management system (CMS) based on PHP from the American OIC Group of companies. The system supports direct editing in the page, and provides user management, site configuration, content editing and other functions. A security vulnerability exis...
CVE-2017-18213
In Exponent CMS before 2.4.1 Patch 6, certain admin users can elevate their privileges...
CVE-2017-18213
In Exponent CMS before 2.4.1 Patch 6, certain admin users can elevate their privileges...
Code injection
In Exponent CMS before 2.4.1 Patch 6, certain admin users can elevate their privileges...
CVE-2017-18213
In Exponent CMS before 2.4.1 Patch 6, certain admin users can elevate their privileges...