Design/Logic Flaw

Real Time Engineers FreeRTOS+FAT 160919a has a use after free. The function FFClose is defined in fffile.c. The file handler pxFile is freed by ffconfigFREE, which by default is a macro definition of vPortFree, but it is reused to flush modified file content from the cache to disk by the function...

OpenJDK: Incorrect handling of nested jar: URLs in Jar URL handler (Networking, 8223892)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...

CVE-2018-1114

It was found that URLResource.getLastModified in Undertow closes the file descriptors only when they are finalized which can cause file descriptors to exhaust. This leads to a file handler leak...

Microsoft Windows - UAC Protection Bypass (Via Slui File Handler Hijack) (PowerShell)

Interactive Version: function SluiHijackBypass Param ParameterMandatory=$True String$command, ValidateSet64,86 int$arch = 64 Create registry structure New-Item "HKCU:\Software\Classes\exefile\shell\open\command" -Force Set-ItemProperty -Path "HKCU:\Software\Classes\exefile\shell\open\command" -Na...

Microsoft Windows - UAC Protection Bypass (Via Slui File Handler Hijack) (PowerShell) Exploit

Exploit for windows platform in category local exploits Interactive Version: function SluiHijackBypass Param ParameterMandatory=$True String$command, ValidateSet64,86 int$arch = 64 Create registry structure New-Item "HKCU:\Software\Classes\exefile\shell\open\command" -Force Set-ItemProperty -Path...

Microsoft Windows - UAC Protection Bypass (Via Slui File Handler Hijack) (PowerShell)

Microsoft Windows - UAC Protection Bypass Via Slui File Handler Hijack PowerShell Interactive Version: function SluiHijackBypass Param ParameterMandatory=$True String$command, ValidateSet64,86 int$arch = 64 Create registry structure New-Item "HKCU:\Software\Classes\exefile\shell\open\command"...

Information Disclosure

EAP is vulnerable to information disclosure attacks. An attacker could manipulate the component, Configuration File Handler with an unknown input which leads to partially modify data and disclosure of information...

Arbitrary Code Execution

OpenJPEG is vulnerable to arbitrary code execution attacks. A remote unauthenticated attacker could exploit the vulnerable JP2 File Handler component to cause code execution via a crafted JP2 file, which triggers an out-of-bounds read or write...

Jupyter Notebook Cross-Site Scripting Vulnerability (CNVD-2019-09602)

Jupyter Notebook is an open source web application that creates and shares documents containing live code, equations, visualizations, and narrative text. A cross-site scripting vulnerability exists in Jupyter Notebook versions prior to 5.7.1, which stems from a failure to set the content security...

UBUNTU-CVE-2018-19351

Jupyter Notebook before 5.7.1 allows XSS via an untrusted notebook because nbconvert responses are considered to have the same origin as the notebook server. In other words, nbconvert endpoints can execute JavaScript with access to the server API. In notebook/nbconvert/handlers.py,...

Design/Logic Flaw

It was found that URLResource.getLastModified in Undertow closes the file descriptors only when they are finalized which can cause file descriptors to exhaust. This leads to a file handler leak...

CVE-2018-1114

It was found that URLResource.getLastModified in Undertow closes the file descriptors only when they are finalized which can cause file descriptors to exhaust. This leads to a file handler leak...

CVE-2018-1114

It was found that URLResource.getLastModified in Undertow closes the file descriptors only when they are finalized which can cause file descriptors to exhaust. This leads to a file handler leak...

CVE-2018-1114

It was found that URLResource.getLastModified in Undertow closes the file descriptors only when they are finalized which can cause file descriptors to exhaust. This leads to a file handler leak...

XnView Multiple Denial of Service Vulnerabilities (Aug 2018)

XnView is prone to multiple denial of service vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xnview:xnview";...

CVE-2018-1433

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1 web handler /DownloadFile does not require authentication to read arbitrary files from the system. IBM...

Windows UAC Protection Bypass (Via Slui File Handler Hijack)

This module will bypass UAC on Windows 8-10 by hijacking a special key in the Registry under the Current User hive, and inserting a custom command that will get invoked when any binary .exe application is launched. But slui.exe is an auto-elevated binary that is vulnerable to file handler...

Design/Logic Flaw

The xwd file handler in ImageMagick allows remote attackers to cause a denial of service segmentation fault and application crash via a malformed xwd file...

CVE-2014-9810

The dpx file handler in ImageMagick allows remote attackers to cause a denial of service segmentation fault and application crash via a malformed dpx file...

Design/Logic Flaw

The dpx file handler in ImageMagick allows remote attackers to cause a denial of service segmentation fault and application crash via a malformed dpx file...