Lucene search
+L

247 matches found

Prion
Prion
added 2017/11/16 10:29 p.m.18 views

Security feature bypass

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a possibility of out-of-bound buffer accesses due to no synchronization in accessing global variables by multiple threads...

4.6CVSS7.8AI score0.00138EPSS
Exploits0References1
NVD
NVD
added 2017/11/16 10:29 p.m.17 views

CVE-2017-11023

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a possibility of out-of-bound buffer accesses due to no synchronization in accessing global variables by multiple threads...

7.8CVSS7.3AI score0.00138EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/11/16 10:0 p.m.27 views

CVE-2017-11023

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a possibility of out-of-bound buffer accesses due to no synchronization in accessing global variables by multiple threads...

7.3AI score0.00138EPSS
Exploits0References1
NVD
NVD
added 2017/09/21 3:29 p.m.13 views

CVE-2017-9676

In all Qualcomm products with Android releases from CAF using the Linux kernel, potential use after free scenarios and race conditions can occur when accessing global static variables without using a lock...

4.7CVSS4.8AI score0.00274EPSS
Exploits0References2
Prion
Prion
added 2017/09/21 3:29 p.m.16 views

Race condition

In all Qualcomm products with Android releases from CAF using the Linux kernel, potential use after free scenarios and race conditions can occur when accessing global static variables without using a lock...

2.6CVSS7.2AI score0.00274EPSS
Exploits0References2Affected Software1
appercut
appercut
added 2016/08/15 12:0 a.m.566 views

Silver Stripe CMS: source code security analysis report

Several vulnerabilities were discovered in SilverStripe Limited 'Silver Stripe CMS' software: Incorrect User Input Filtration when Connecting to External Files File System Path Manipulation Using Global Variables Incorrect User Input Filtration when Using the unserialize Function Incorrect Newlin...

1.9AI score
Exploits0References1Affected Software1
seebug.org
seebug.org
added 2016/06/17 12:0 a.m.207 views

Discuz! x the use of SSRF remote command execution vulnerability

Content source: security think tank 0X01 ready to work jannock issued by Discuz conditional remote command execution,a lot of big stations affected, the online hasn't published details, in a safe public number to see on the jannock simple to say about the principle, is ssrf+redis/memcache issues,...

7.9AI score
Exploits0
appercut
appercut
added 2016/06/16 12:0 a.m.542 views

WooCommerce plugin for WordPress: source code security analysis report

Several vulnerabilities were discovered in WooThemes 'WooCommerce plugin for WordPress' software: File System Path Manipulation Using Global Variables Incorrect Newline Symbol Filtration in HTTP-response Headers Hardcoded Credentials...

1.6AI score
Exploits0References1Affected Software1
appercut
appercut
added 2016/05/30 12:0 a.m.538 views

CMSimple CMS: source code security analysis report

Several vulnerabilities were discovered in CMSimple 'CMSimple CMS' software: File System Path Manipulation Incorrect User Input Filtration when Using Regular Expressions while Calling the pregreplace Function Using Global Variables Using Insufficiently Random Generators in Cryptography HttpOnly...

1.9AI score
Exploits0References1Affected Software1
appercut
appercut
added 2016/05/23 12:0 a.m.598 views

Concrete5 CMS: source code security analysis report

Several vulnerabilities were discovered in Portland Labs 'Concrete5 CMS' software: File System Path Manipulation Using Global Variables Incorrect User Input Filtration when Using the unserialize Function Using Insufficiently Random Generators in Cryptography HttpOnly Cookies Incorrect Permissions...

1.3AI score
Exploits0References1Affected Software1
appercut
appercut
added 2016/05/06 12:0 a.m.574 views

WordPress CMS: source code security analysis report

Several vulnerabilities were discovered in Wordpress Foundation 'WordPress CMS' software: File System Path Manipulation Using Global Variables Incorrect User Input Filtration when Using the unserialize Function Using Insufficiently Random Generators in Cryptography HttpOnly Cookies Incorrect User...

1.4AI score
Exploits0References1Affected Software1
appercut
appercut
added 2016/05/04 12:0 a.m.568 views

Drupal CMS: source code security analysis report

Several vulnerabilities were discovered in Drupal Association 'Drupal CMS' software: Incorrect User Input Filtration when Generating Code on the Fly Using Global Variables Incorrect User Input Filtration when Using the unserialize Function Hardcoded Credentials Using Insufficiently Random...

2.3AI score
Exploits0References1Affected Software1
appercut
appercut
added 2016/04/21 12:0 a.m.682 views

MODX Revolution: source code security analysis report

Several vulnerabilities were discovered in MODX 'MODX Revolution' software: Incorrect User Input Filtration when Connecting to External Files File System Path Manipulation Using Global Variables Incorrect User Input Filtration when Using the unserialize Function Using Insufficiently Random...

0.6AI score
Exploits0References1Affected Software1
appercut
appercut
added 2016/04/05 12:0 a.m.534 views

Joomla!: source code security analysis report

Several vulnerabilities were discovered in Open Source Matters, Inc. 'Joomla!' software: Using Global Variables Incorrect User Input Filtration when Using the unserialize Function Using Insufficiently Random Generators in Cryptography Incorrect Permissions for External Entities During XML...

2.8AI score
Exploits0References1Affected Software1
CNVD
CNVD
added 2015/09/17 12:0 a.m.2 views

Qibo Video System SQL Injection Vulnerability

Zibo video system can achieve all static, custom static page URL rules, you can copy the system into multiple subsystems in the background. A SQL injection vulnerability exists in Qibo Video System.' video/member/special.php' where $TBpre is not initialized, due to the existence of pseudo-global...

7.9AI score
Exploits0References1
CNVD
CNVD
added 2015/09/06 12:0 a.m.26 views

PCS pcsd competitive conditions loophole

PCS is a set of tools for configuring and managing Pacemaker and Corosync clustering software using the command line and web UI. A competitive condition vulnerability exists in PCS 0.9.139 and prior versions of pcsd that stems from the program's use of global variables to validate usernames. A...

4.9CVSS7.5AI score0.0098EPSS
Exploits0References1
myhack58
myhack58
added 2015/03/19 12:0 a.m.27 views

Qi Bo CMS variable coverage leads to sql injection vulnerability analysis report-vulnerability warning-the black bar safety net

Blog post author: Alibaba security research lab—supporting su Release date: 2015-3-10 Blog post content: The recent Alibaba security research laboratory vulnerability monitoring system to monitor attendance Bo cms exist high-risk vulnerabilities that can lead to SQL vulnerability and thus affect...

2.3AI score
Exploits0
Packet Storm
Packet Storm
added 2014/11/26 12:0 a.m.28 views

phpBB 3.1.1 deregister_globals() Bypass

When PHP's registerglobals configuration directive set on, phpBB will call deregisterglobals function, all global variables registered by PHP will be destroyed. But deregisterglobals functions can be bypassed. $input = arraymerge arraykeys$GET, arraykeys$POST, arraykeys$COOKIE, arraykeys$SERVER,...

Exploits0
exploitpack
exploitpack
added 2014/11/22 12:0 a.m.21 views

MyBB 1.8.2 - unset_globals() Function Bypass Remote Code Execution

MyBB 1.8.2 - unsetglobals Function Bypass Remote Code Execution Exploit Title: MyBB - 2014.03.06 MyBB's unsetglobals function can be bypassed under special conditions and it is possible to allows remote code execution. I. MyBB's unsetglobals Function Bypass When PHP's register\globals configurati...

0.5AI score
Exploits0
NVD
NVD
added 2014/10/17 3:55 p.m.23 views

CVE-2014-8074

Buffer overflow in the SetLogFile method in Foxit.FoxitPDFSDKProCtrl.5 in Foxit PDF SDK ActiveX 2.3 through 5.0.1820 before 5.0.2.924 allows remote attackers to execute arbitrary code via a long string, related to global variables...

6.8CVSS7.9AI score0.03411EPSS
Exploits0References3
Rows per page
Query Builder