148 matches found
CVE-2018-12909
Webgrind 1.5 relies on user input to display a file, which lets anyone view files from the local filesystem that the webserver user has access to via an index.php?op=fileviewer&file= URI. NOTE: the vendor indicates that the product is not intended for a "publicly accessible environment...
xpdf denial of service vulnerability (CNVD-2018-06681)
Xpdf is an open source PDF file viewer that runs on X Window as well as Motif. xpdf also runs on all classes of Unix operating systems. The JPXStream::readTilePartData function in JPXStream.cc in xpdf 4.00 has a denial of service vulnerability. An attacker can exploit this...
[SECURITY] [DSA 4006-1] mupdf security update
Debian Security Advisory DSA-4006-1 https://www.debian.org/security/ October 24, 2017 https://www.debian.org/security/faq...
Hitachi HIBUN Confidential File Viewer Installer Untrusted Search Path Vulnerability
Hitachi HIBUN Confidential File Viewer is a set of confidential file viewers from Hitachi Solutions Japan. install is one of the installation programs. An untrusted search path vulnerability exists in the installer in versions of Hitachi HIBUN Confidential File Viewer prior to 11.20.0001. The...
Design/Logic Flaw
Untrusted search path vulnerability in Installer of HIBUN Confidential File Viewer prior to 11.20.0001 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...
CVE-2017-10864
Untrusted search path vulnerability in Installer of HIBUN Confidential File Viewer prior to 11.20.0001 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...
CVE-2017-10864
The CVE-2017-10864 issue affects Hitachi HIBUN Confidential File Viewer installer prior to version 11.20.0001. According to the connected documents, an untrusted search path vulnerability in the installer can allow privilege escalation via a Trojan horse DLL placed in an unspecified directory (CW...
JVN#94056834: Installer of HIBUN Confidential File Viewer may insecurely load Dynamic Link Libraries and invoke executable files
Installer of HIBUN Confidential File Viewer provided by Hitachi Solutions, Ltd. contains an issue with the search path for DLL/executable files, which may lead to insecurely loading Dynamic Link Libraries and invoking executable files (CWE-427). Impact: Arbitrary code may be executed with the...
wildfly: Arbitrary file read via path traversal
It was found that the log file viewer in Red Hat JBoss Enterprise Application 6 and 7 allows an authenticated user to read arbitrary files via path traversal...
Moderate: Red Hat Security Advisory: JBoss Enterprise Application Platform 7.0.6 on Red Hat Enterprise Linux 7
An update is now available for Red Hat JBoss Enterprise Application Platform 7.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, i...
Moderate: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform security update
An update is now available for Red Hat JBoss Enterprise Application Platform. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...
QNAP QTS 4.2.0 Build 20160311 / Build 20160601 Cross Site Scripting
Advisory ID: SYSS-2016-049 Product: QNAP QTS Manufacturer: QNAP Affected Versions: 4.2.0 Build 20160311 and Build 20160601 Tested Versions: 4.2.0 Build 20160311 - 4.2.2 Build 20160812 Vulnerability Type: Persistent Cross-Site Scripting (CWE-79) Risk...
PInfo 0.6.9-5.1 - Local Buffer Overflow
Exploit developed using Exploit Pack v5.4 Exploit Author: Juan Sacco - http://www.exploitpack.com Program affected: PInfo - File viewer Version: 0.6.9-5.1 Tested and developed under: Kali Linux 2.0 x86 - https://www.kali.org Program description: An alternative info-file...
PInfo 0.6.9-5.1 - Local Buffer Overflow
Exploit for linux platform in category local exploits Program affected: PInfo - File viewer Version: 0.6.9-5.1 Tested and developed under: Kali Linux 2.0 x86 - https://www.kali.org Program description: An alternative info-file viewer pinfo is a viewer for Info documents, which is based on ncurse...
[SECURITY] Fedora 24 Update: w3m-0.5.3-24.fc24
The w3m program is a pager or text file viewer that can also be used as a text-mode Web browser. W3m features include the following: when reading an HTML document, you can follow links and view images using an external image viewer; its internet message mode determines the type of document from t...
SWF Player - Flash File Viewer - Base64 encoded String, Customized SSL, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application SWF Player - Flash File Viewer published at the 'play' market has multiple vulnerabilities...
firefox security update
CentOS Errata and Security Advisory CESA-2015:1207 Updated firefox packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) bas...
Critical: Red Hat Security Advisory: firefox security update
Updated firefox packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are...