62 matches found
IrfanView 缓冲区错误漏洞
IrfanView is an image viewer by the individual developer Irfan Skiljan from Bosnia and Herzegovina, which supports image browsing, image editing, image format conversion and more. A security vulnerability exists in IrfanView version 4.54, which stems from a user-mode write access conflict issue i...
IrfanView 缓冲区错误漏洞
IrfanView is an image viewer by the individual developer Irfan Skiljan from Bosnia and Herzegovina, which supports image browsing, image editing, image format conversion and more. A security vulnerability exists in IrfanView version 4.54, which stems from a user-mode write access conflict issue i...
IrfanView 缓冲区错误漏洞
IrfanView is an image viewer by the individual developer Irfan Skiljan from Bosnia and Herzegovina, which supports image browsing, image editing, image format conversion and more. A security vulnerability exists in IrfanView version 4.54, which stems from a user-mode write access conflict issue i...
IBOS 代码问题漏洞
IBOS is a collaborative office management system. A command injection vulnerability exists in ibos IBOS, which stems from a command injection vulnerability in database backup in IBOS 4.5.4 Open version. An attacker can exploit this vulnerability to gain server control privileges...
GLPI 跨站脚本漏洞
GLPI is an open source software for IT equipment management, developed using the PHP language. A cross-site scripting vulnerability exists in GLPI versions prior to 9.5.4 when a logged-in user is updating a work order, and no detailed vulnerability details are available at this time...
PT-2021-14412 · Glpi +1 · Glpi +1
Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 9.5.4 Description: The issue involves an XSS vulnerability in GLPI, a free asset and IT management software package, where a logged-in user is affected while updating a ticket. Recommendations: For versions prior to...
Linux kernel buffer overflow vulnerability (CNVD-2020-37934)
Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. The 'mwifiexcmdappendvsietlv' function in the drivers/net/wireless/marvell/mwifiex/scan.c file in versions of the Linux kernel prior to 5.5.4 has a buffer overflow...
TYPO3 Authorization Issue Vulnerability (CNVD-2019-41222)
TYPO3 is a free and open source content management system framework CMS/CMF of the Swiss TYPO3 Association. A security vulnerability exists in TYPO3 versions prior to 4.3.12, 4.4.x prior to 4.4.9, and 4.5.x prior to 4.5.4. An attacker can exploit the vulnerability by sending a specially crafted...
CVE-2019-17132
vBulletin through 5.5.4 mishandles custom avatars...
Oracle Outside In Technology Component Access Control Error Vulnerability (CNVD-2019-27771)
Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle Corporation. The platform provides middleware, software collections, etc. Outside In Technology is one of the software development kit components. A securi...
CVE-2019-2464
Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware subcomponent: Outside In Filters. Supported versions that are affected are 8.5.3 and 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2017)
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple...
CVE-2017-11272
Adobe Digital Editions 4.5.4 and earlier has a security bypass vulnerability...
CVE-2017-10251
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: Test Framework. Supported versions that are affected are 8.54 and 8.55. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where PeopleSoft...
CVE-2017-3094
Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the PDF processing engine. Successful exploitation could lead to arbitrary code execution...
Adobe Digital Editions Memory Corruption Vulnerability
Adobe Digital Editions DE is a set of e-book reading and management software of the United States Ordoby Adobe. Through the software can open, read and manage PDF, XML, Flash files. A memory corruption vulnerability exists in Adobe DE 4.5.4 and earlier versions. A remote attacker can exploit this...
PT-2017-1959 · Oracle +7 · Mysql Server +6
Name of the Vulnerable Software and Affected Versions: MySQL Server versions 5.5.54 and earlier MySQL Server versions 5.6.35 and earlier MySQL Server versions 5.7.17 and earlier Description: The issue is related to inadequate access control in the MySQL Server component of Oracle MySQL,...
DEBIAN-CVE-2016-7587
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of...
Google Go untrustworthy search path vulnerability
Google Go is a programming language optimized for programming applications on multiprocessor systems by Google. An untrusted search path vulnerability exists in Google Go versions prior to 1.5.4 and 1.6.1 prior to 1.6.x for Windows platforms. A local attacker can exploit this vulnerability to gai...
mysql: unspecified vulnerability related to Server:Security:Privileges (CPU July 2015)
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges...