19 matches found
BIT-LIBPHP-2020-7064 Use-of-uninitialized-value in exif
In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with the exif_read_data function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or crash...
CVE-2024-46670
An Out-of-bounds Read vulnerability CWE-125 in FortiOS version 7.6.0, version 7.4.4 and below, version 7.2.9 and below and FortiSASE FortiOS tenant version 24.3.b IPsec IKE service may allow an unauthenticated remote attacker to trigger memory consumption leading to Denial of Service via crafted...
WordPress plugin Sirv Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site...
OESA-2024-1877 ffmpeg security update
FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: An integer overflow...
DEBIAN-CVE-2023-31626
An issue in the gpfnotice component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...
DEBIAN-CVE-2023-31628
An issue in the stricmp component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...
UBUNTU-CVE-2023-31620
An issue in the dvcompare component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...
UBUNTU-CVE-2023-31615
An issue in the chasharray component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...
UBUNTU-CVE-2023-31626
An issue in the gpfnotice component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...
UBUNTU-CVE-2023-31622
An issue in the sqlcmakepolicytrig component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...
Virtuoso Open-Source Edition SQL Injection Vulnerability
Virtuoso Open-Source Edition is a high-performance and scalable multi-model RDBMS, data integration middleware, linked data deployment, and HTTP application server platform open-sourced by OpenLink Software. A security vulnerability exists in Virtuoso Open-Source Edition version v7.2.9, which...
Virtuoso Open-Source Edition SQL Injection Vulnerability
Virtuoso Open-Source Edition is a high-performance and scalable multi-model RDBMS, data integration middleware, linked data deployment, and HTTP application server platform open-sourced by OpenLink Software. A security vulnerability exists in Virtuoso Open-Source Edition version v7.2.9 that stems...
PT-2023-9527 · Openlink +4 · Openlink Virtuoso-Opensource +4
Name of the Vulnerable Software and Affected Versions: openlink virtuoso-opensource version 7.2.9 Description: The issue is related to the mp box copy component and involves improper neutralization of special elements used in SQL commands. This can be exploited by attackers to cause a Denial of...
PT-2023-9519 · Openlink +4 · Openlink Virtuoso-Opensource +4
Name of the Vulnerable Software and Affected Versions: openlink virtuoso-opensource version 7.2.9 Description: The issue in the libc longjmp component of the openlink virtuoso-opensource platform is related to the improper neutralization of special elements used in SQL commands. Exploitation of...
PT-2023-9517 · Openlink +4 · Openlink Virtuoso-Opensource +4
Name of the Vulnerable Software and Affected Versions: openlink virtuoso-opensource version 7.2.9 Description: The issue is related to the dfe unit col loci component of openlink virtuoso-opensource, which is associated with the improper neutralization of special elements used in SQL commands. Th...
PT-2023-9521 · Openlink +4 · Openlink Virtuoso-Opensource +4
Name of the Vulnerable Software and Affected Versions: openlink virtuoso-opensource version 7.2.9 Description: The issue is related to the mp box deserialize string function, which is vulnerable due to improper neutralization of special elements used in SQL commands. This can be exploited by a...
IBM QRadar Improper Access Control Vulnerability
IBM QRadar is an enterprise security information and event management (SIEM) product that detects anomalies, finds advanced threats, and eliminates false positives. A security vulnerability exists in IBM QRadar WinCollect versions 7.2.0 through 7.2.9 that stems from WinCollect failing to install...
IBM QRadar Improper Access Control Vulnerability (CNVD-2020-46811)
IBM QRadar is an enterprise security information and event management (SIEM) product that detects anomalies, finds advanced threats, and eliminates false positives. A security vulnerability exists in IBM QRadar WinCollect versions 7.2.0 through 7.2.9, which stems from a program that allows users to...
PowerShell LTS v7.2.9 (x64)
PowerShell LTS v7.2.9 x64...