DEBIAN-CVE-2018-17187

The Apache Qpid Proton-J transport includes an optional wrapper layer to perform TLS, enabled by use of the 'transport.ssl...' methods. Unless a verification mode was explicitly configured, client and server modes previously defaulted as documented to not verifying a peer certificate, with option...

CVE-2018-17187

CVE-2018-17187 affects the Apache Qpid Proton-J TLS wrapper. Versions 0.3–0.29.0 lacked hostname verification support, leaving clients that rely on the wrapper with only trusted-certificate verification and exposing them to MITM attacks. The mitigation is to upgrade Proton-J to 0.30.0+ and enable...

JEESNS Cross-Site Scripting Vulnerability

JEESNS is an enterprise-level open source social management system building platform based on Java and MySQL, which includes microblogging module, group module and article module. JEESNS 1.3 version of the com/lxinet/jeesns/core/utils/XssHttpServletRequestWrapper.java file cross-site scripting...

libreoffice: Use-after-free in sdstor/stgstrms.cxx:StgSmallStrm class allows for denial of service with crafted document

sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service use-after-free with write access or possibly have unspecified other impact via a crafted...

USN-3802-1 xorg-server, xorg-server-hwe-16.04 vulnerability

Narendra Shinde discovered that the X.Org X server incorrectly handled certain command line parameters when running as root with the legacy wrapper. When certain graphics drivers are being used, a local attacker could possibly use this issue to overwrite arbitrary files and escalate privileges...

GHSA-MH7G-99W9-XPJM Remote code execution occurs in Apache Solr

Remote code execution occurs in Apache Solr before versions 5.5.5, 6.6.2 and 7.1.0 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. Elasticsearch, although it uses Lucene, is NOT vulnerable to this. Note that the XML external...

CVE-2018-17886

An issue was discovered in JEESNS 1.3. The XSS filter in com.lxinet.jeesns.core.utils.XssHttpServletRequestWrapper.java could be bypassed, as demonstrated by a svg/onLoad=confirm substring. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-12429...

Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.

There was a problem hiding this comment. Choose a reason for hiding this comment The reason will be displayed to describe this comment to others. Learn more. Choose a reason Spam Abuse Off Topic Outdated Duplicate Resolved Hide comment I'm afraid this change is wrong. fileexists is not the only...

Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.

Fix for security vulnerability: Using the phar:// wrapper it was possible to trigger the unserialization of user provided data...

Arbitrary Data Deserialization

tecnickcom/tcpdf is vulnerable to arbitrary data deserialization attack. The attack is possible because it allows the user to input arbitrary data to deserialize using via the phar:// wrapper...

CVE-2018-17057

An issue was discovered in TCPDF before 6.2.22. Attackers can trigger deserialization of arbitrary data via the phar:// wrapper...

CVE-2018-17057

An issue was discovered in TCPDF before 6.2.22. Attackers can trigger deserialization of arbitrary data via the phar:// wrapper...

UBUNTU-CVE-2018-17057

An issue was discovered in TCPDF before 6.2.22. Attackers can trigger deserialization of arbitrary data via the phar:// wrapper...

CVE-2018-17057

An issue was discovered in TCPDF before 6.2.22. Attackers can trigger deserialization of arbitrary data via the phar:// wrapper...

DEBIAN-CVE-2018-17057

An issue was discovered in TCPDF before 6.2.22. Attackers can trigger deserialization of arbitrary data via the phar:// wrapper...

CVE-2018-17057

The CVE-2018-17057 issue affects TCPDF prior to 6.2.22, allowing attackers to trigger deserialization of arbitrary data through the phar:// wrapper. Documented impact includes remote code execution risk when processing manipulated inputs, with notable exposure via LimeSurvey relying on the TCPDF ...

CVE-2018-17057

An issue was discovered in TCPDF before 6.2.22. Attackers can trigger deserialization of arbitrary data via the phar:// wrapper...

CVE-2018-17057

An issue was discovered in TCPDF before 6.2.22. Attackers can trigger deserialization of arbitrary data via the phar:// wrapper...

Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.

Fix for security vulnerability: Using the phar:// wrapper it was possible to trigger the unserialization of user provided data...

PT-2018-13869 · Tcpdf · Tcpdf

Name of the Vulnerable Software and Affected Versions: TCPDF versions prior to 6.2.22 Description: An issue allows attackers to trigger deserialization of arbitrary data via the phar:// wrapper. Recommendations: For versions prior to 6.2.22, update to version 6.2.22 or later to resolve the issue...