5327 matches found
CVE-2019-13410
CVE-2019-13410 affects TOPMeeting versions before 8.8. The issue is information disclosure: attendees’ accounts and passwords are exposed on a front-end page, and an attacker can obtain them by inspecting the page source. Root cause: sensitive credentials displayed in the cli...
CVE-2017-15041
An arbitrary command execution flaw was found in the way Go's "go get" command handled the checkout of source code repositories. A remote attacker capable of hosting malicious repositories could potentially use this flaw to cause arbitrary command execution on the client side...
FortiSIEM external authentication password reflected in external authentication profile
An information exposure vulnerability in the external authentication profile form of FortiSIEM may allow an authenticated attacker to retrieve the external authentication password via the HTML source code. This could potentially aggravate attacks targeting the authenticated admin session, should...
Logic flaw vulnerability in Ruoyi's backend management system
The Ruoyi backend management system is a rights management system based on SpringBoot2.0. A logic flaw vulnerability exists in the Ruoyi backend management system. An attacker can view the source code to obtain a username and password to log in to the backend...
Directory Traversal and Arbitrary File Download Vulnerabilities in MayiCMS (Ant Classification Information System)
MayiCMS (Ant Classification Information System) is a PHP- and MySQL-based website builder. It suffers from directory traversal and arbitrary file download vulnerabilities. An attacker can obtain sensitive information by traversing the directory and downloading website source...
Syhunt Community 6.7 - Web And Mobile Application Scanner
Syhunt Community is a web and now mobile application security scanner. Syhunt is able to scan any kind of application source code for potential security vulnerabilities, pinpointing the exact lines of the code that need to be patched. Or you can simply enter a start URL and get detailed...
CVE-2019-16409
In the Versioned Files module through 2.0.3 for SilverStripe 3.x, unpublished versions of files are publicly exposed to anyone who can guess their URL. This guess could be highly informed by a basic understanding of the symbiote/silverstripe-versionedfiles source code. Users who upgrade from...
CVE-2019-16409
CVE-2019-16409 affects the SilverStripe Versioned Files module up to version 2.0.3 on SilverStripe 3.x. Unpublished file versions are publicly exposed when their URLs are guessed, aided by knowledge of the module’s source code. The issue is an information disclosure due to insufficient access cont...
Chun technical blog team easy enterprise show integration 70C scene show source code system has unauthorized access vulnerability
The Chun brother technology blog team is committed to sharing website-building technology, WeChat development technology, custom-developed business source code systems, and custom-developed enterprise websites, and is a service small and medium-sized webmaster enterprise technology-based independent...
CVE-2019-16396
GnuCOBOL 2.2 has a use-after-free in the endscopeofprogramname function in cobc/parser.y via crafted COBOL source code...
CVE-2019-16395
GnuCOBOL 2.2 has a stack-based buffer overflow in the cbname function in cobc/tree.c via crafted COBOL source code...
UBUNTU-CVE-2019-16395
GnuCOBOL 2.2 has a stack-based buffer overflow in the cbname function in cobc/tree.c via crafted COBOL source code...
Code injection
GnuCOBOL 2.2 has a use-after-free in the endscopeofprogramname function in cobc/parser.y via crafted COBOL source code...
Stack overflow
GnuCOBOL 2.2 has a stack-based buffer overflow in the cbname function in cobc/tree.c via crafted COBOL source code...