CVE-2020-23520
imcat 5.2 allows an authenticated file upload and consequently remote code execution via the picture functionality...
Remote code execution
imcat 5.2 allows an authenticated file upload and consequently remote code execution via the picture functionality...
CVE-2020-29651
A denial of service via regular expression in the py.path.svnwc component of py aka python-py through 1.9.0 could be used by attackers to cause a compute-time denial of service attack by supplying malicious input to the blame functionality...
Input validation
A denial of service via regular expression in the py.path.svnwc component of py aka python-py through 1.9.0 could be used by attackers to cause a compute-time denial of service attack by supplying malicious input to the blame functionality...
PYSEC-2020-92
A denial of service via regular expression in the py.path.svnwc component of py aka python-py through 1.9.0 could be used by attackers to cause a compute-time denial of service attack by supplying malicious input to the blame functionality...
SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2020:3053-1)
This update for MozillaFirefox fixes the following issues : Firefox Extended Support Release 78.4.0 ESR - Fixed: Various stability, functionality, and security fixes MFSA 2020-46 bsc1177872, bsc1176756 - CVE-2020-15969 Use-after-free in usersctp - CVE-2020-15683 Memory safety bugs fixed in Firefo...
SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2020:3021-1)
This update for MozillaFirefox fixes the following issues : Firefox Extended Support Release 78.4.0 ESR - Fixed: Various stability, functionality, and security fixes MFSA 2020-46 bsc1177872, bsc1176756 - CVE-2020-15969 Use-after-free in usersctp - CVE-2020-15683 Memory safety bugs fixed in Firefo...
Service Update 0.23 for Microsoft Dynamics 365 9.0
Service Update 0.23 for Microsoft Dynamics 365 9.0 INTRODUCTION Service Update 9.0.23 for Microsoft Dynamics CRM on-premises 9.0 is now available. This article describes the hotfixes and updates that are included in Service Update 9.0.23. MORE INFORMATION Update package| Version number ---|---...
Microsoft Dynamics 365 (on-premises) Update 2.25
Microsoft Dynamics 365 on-premises Update 2.25 Introduction Service Update 2.25 for Microsoft Dynamics CRM on-premises 8.2 is now available. This article describes the hotfixes and updates that are included in Service Update 2.25. More information Update package| Version number ---|--- Microsoft...
CVE-2020-25675
In the CropImage and CropImageToTiles routines of MagickCore/transform.c, rounding calculations performed on unconstrained pixel offsets were causing undefined behavior in the form of integer overflow and out-of-range values as reported by UndefinedBehaviorSanitizer. Such issues could cause a...
CVE-2020-5799
The Eat Spray Love mobile app for both iOS and Android contains a backdoor account that, when modified, allowed privileged access to restricted functionality and to other users' data...
Design/Logic Flaw
The Eat Spray Love mobile app for both iOS and Android contains a backdoor account that, when modified, allowed privileged access to restricted functionality and to other users' data...
Automattic: [intensedebate.com] No Rate Limit On The report Functionality Lead To Delete Any Comment When it is enabled
Hello Summary: I have found a no rate limit issue on the report functionality. When you enabled the report functionality on your site, you can set a number of reports before deleting the comment reported. By default, this functionality is unable, but if you enabled this and you set a $x number of...
OPENSUSE-SU-2020:2170-1 Security update for java-1_8_0-openjdk
This update for java-1_8_0-openjdk fixes the following issues: - Update to version jdk8u275 icedtea 3.17.1 JDK-8214440, bsc1179441: Fix StartTLS functionality that was broken in openjdk272. bsc1179441 JDK-8223940: Private key not supported by chosen signature algorithm JDK-8236512: PKCS11 Connectio...
CVE-2020-13543
A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. A specially crafted web page can trigger a use-after-free vulnerability which can lead to remote code execution. An attacker can get a user to visit a webpage to trigger this vulnerability...