28 matches found
UBUNTU-CVE-2023-33546
DISPUTED Janino 3.1.9 and earlier are subject to denial of service DOS attacks when using the expression evaluator.guess parameter name method. If the parser runs on user-supplied input, an attacker could supply content that causes the parser to crash due to a stack overflow. NOTE: this is disput...
CVE-2023-33546
Janino 3.1.9 and earlier are subject to denial of service DOS attacks when using the expression evaluator.guess parameter name method. If the parser runs on user-supplied input, an attacker could supply content that causes the parser to crash due to a stack overflow. NOTE: this is disputed by...
CVE-2023-33546
Janino 3.1.9 and earlier are subject to denial of service DOS attacks when using the expression evaluator.guess parameter name method. If the parser runs on user-supplied input, an attacker could supply content that causes the parser to crash due to a stack overflow. NOTE: this is disputed by...
OSV-2020-1399 Segv on unknown address in clang::StmtVisitorBase<llvm::make_const_ptr, RecordExprEvaluator, bool>::Visit
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19152 Crash type: Segv on unknown address Crash state: clang::StmtVisitorBase::Visit clang::StmtVisitorBase::Visit EvaluateInPlace...
CVE-1999-0477
The Expression Evaluator in the ColdFusion Application Server allows a remote attacker to upload files to the server via openfile.cfm, which does not restrict access to the server properly...
CVE-1999-0477
The CVE-1999-0477 issue affects the ColdFusion Application Server’s Expression Evaluator. A remote attacker can upload files via openfile.cfm due to insufficient access restriction, enabling arbitrary file upload on the server. This is documented across multiple sources (e.g., Red Hat, NVD) with ...
CVE-1999-0455
The Expression Evaluator sample application in ColdFusion allows remote attackers to read or delete files on the server via exprcalc.cfm, which does not restrict access to the server properly...
CVE-1999-0477
The Expression Evaluator in the ColdFusion Application Server allows a remote attacker to upload files to the server via openfile.cfm, which does not restrict access to the server properly...