8767 matches found
CVE-2019-14021
Possible buffer overrun when processing EFS filename and payload sent over diag interface due to lack of check for filename length and payload size received in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in...
CVE-2019-14021
CVE-2019-14021 is a buffer overrun in Qualcomm Snapdragon components triggered during EFS filename and payload processing over the diag interface due to missing length checks. This affects a wide range of Snapdragon products (e.g., APQ8096AU/APQ8098, MDM9150/MDM9206/MDM9607/MDM9640/MDM9650, MSM89...
CVE-2020-11712
Open Upload through 0.4.3 allows XSS via index.php?action=u and the filename field...
CVE-2020-11712
CVE-2020-11712 affects the Open Upload project (PHP-based file upload app) up to version 0.4.3. The issue is a Cross-Site Scripting (XSS) vulnerability exploitable via index.php?action=u and the filename field. The available sources state the vulnerability and affected version but do not provide ...
CVE-2020-11705
An issue was discovered in ProVide formerly zFTPServer through 13.1. /ajax/ImportCertificate allows an attacker to load an arbitrary certificate in .pfx format or overwrite arbitrary files via the fileName parameter...
CVE-2020-11702
An issue was discovered in ProVide formerly zFTPServer through 13.1. The User Web Interface has Multiple Stored and Reflected XSS issues. Collaborate is Reflected via the filename parameter. Collaborate is Stored via the displayname parameter. Deletemultiple is Reflected via the files parameter...
Cross site scripting
An issue was discovered in ProVide formerly zFTPServer through 13.1. The User Web Interface has Multiple Stored and Reflected XSS issues. Collaborate is Reflected via the filename parameter. Collaborate is Stored via the displayname parameter. Deletemultiple is Reflected via the files parameter...
DedeCMS v7.5 SP2 - Multiple Cross Site Web Vulnerabilities
Document Title: DedeCMS v7.5 SP2 - Multiple Cross Site Web Vulnerabilities. References (Source): https://www.vulnerability-lab.com/getcontent.php?id=2194. Release Date: 2020-04-07. Vulnerability Laboratory ID (VL-ID): ...
DEBIAN-CVE-2019-14905
A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, where in Ansible's nxos_file_copy module can be used to copy files to a flash or bootflash on NXOS devices. Malicious code could craft the filename parameter to perform OS...
Serendipity Code Issue Vulnerability
Serendipity is a PHP-based blogging system from the Serendipity team. The system supports the creation of online journals, blogs, web pages and more. A code issue vulnerability exists in Serendipity versions prior to 2.3.4 Windows that stems from the program failing to properly validate filenames...
openSUSE Security Update : nghttp2 (openSUSE-2020-379)
This update for nghttp2 fixes the following issues: nghttp2 was updated to version 1.40.0 bsc1166481 - lib: Add nghttp2_check_authority as public API - lib: Fix the bug that stream is closed with wrong error code - lib: Faster huffman encoding and decoding - build: Avoid filename collision of stati...
CVE-2020-10964
Serendipity before 2.3.4 on Windows allows remote attackers to execute arbitrary code because the filename of a renamed file may end with a dot. This file may then be renamed to have a .php filename...
Code injection
Serendipity before 2.3.4 on Windows allows remote attackers to execute arbitrary code because the filename of a renamed file may end with a dot. This file may then be renamed to have a .php filename...
CVE-2020-10808
Vesta Control Panel VestaCP through 0.9.8-26 allows Command Injection via the schedule/backup Backup Listing Endpoint. The attacker must be able to create a crafted filename on the server, as demonstrated by an FTP session that renames .bash_logout to a .bash_logout' substring followed by shell...
Command injection
Vesta Control Panel VestaCP through 0.9.8-26 allows Command Injection via the schedule/backup Backup Listing Endpoint. The attacker must be able to create a crafted filename on the server, as demonstrated by an FTP session that renames .bash_logout to a .bash_logout' substring followed by shell...
SUSE SLED15 / SLES15 Security Update : nghttp2 (SUSE-SU-2020:0722-1)
This update for nghttp2 fixes the following issues: nghttp2 was updated to version 1.40.0 bsc1166481 - lib: Add nghttp2_check_authority as public API - lib: Fix the bug that stream is closed with wrong error code - lib: Faster huffman encoding and decoding - build: Avoid filename collision of static and...
CVE-2019-15539
The proj_doc_edit_page.php Project Documentation feature in MantisBT before 2.21.3 has a stored cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code (if CSP settings permit it) after uploading an attachment with a crafted filename. The code is executed when editing the document...