Lucene search
K

83 matches found

NVD
NVD
added 2023/02/01 12:15 a.m.29 views

CVE-2023-23924

Dompdf is an HTML to PDF converter. The URI validation on dompdf 2.0.1 can be bypassed on SVG parsing by passing tags with uppercase letters. This may lead to arbitrary object unserialize on PHP 8, through the phar URL wrapper. An attacker can exploit the vulnerability to call arbitrary URL with...

10CVSS9.5AI score0.03572EPSS
Exploits2References3
Prion
Prion
added 2023/02/01 12:15 a.m.21 views

Remote code execution

Dompdf is an HTML to PDF converter. The URI validation on dompdf 2.0.1 can be bypassed on SVG parsing by passing tags with uppercase letters. This may lead to arbitrary object unserialize on PHP 8, through the phar URL wrapper. An attacker can exploit the vulnerability to call arbitrary URL with...

7.5CVSS9.5AI score0.03572EPSS
Exploits2References3Affected Software1
Debian CVE
Debian CVE
added 2023/01/31 11:54 p.m.17 views

CVE-2023-23924

Dompdf is an HTML to PDF converter. The URI validation on dompdf 2.0.1 can be bypassed on SVG parsing by passing tags with uppercase letters. This may lead to arbitrary object unserialize on PHP 8, through the phar URL wrapper. An attacker can exploit the vulnerability to call arbitrary URL with...

10CVSS9.6AI score0.03572EPSS
Exploits2
Cvelist
Cvelist
added 2023/01/31 11:54 p.m.61 views

CVE-2023-23924 URI validation failure on SVG parsing in Dompdf

Dompdf is an HTML to PDF converter. The URI validation on dompdf 2.0.1 can be bypassed on SVG parsing by passing tags with uppercase letters. This may lead to arbitrary object unserialize on PHP 8, through the phar URL wrapper. An attacker can exploit the vulnerability to call arbitrary URL with...

10CVSS9.7AI score0.03572EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2023/01/31 12:0 a.m.6 views

PT-2023-1267 · Dompdf +1 · Dompdf +1

Name of the Vulnerable Software and Affected Versions: Dompdf version 2.0.1 Dompdf versions prior to 8.0.0 Description: The issue is related to the incorrect order of authorization checks before syntax analysis and canonization when processing tags with uppercase letters in SVG parsing. This can...

10CVSS9.7AI score0.03572EPSS
Exploits2References17
OpenVAS
OpenVAS
added 2022/09/01 12:0 a.m.15 views

Debian: Security Advisory (DLA-3090-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8CVSS7.9AI score0.70276EPSS
Exploits1References3
Debian
Debian
added 2022/08/31 8:47 a.m.24 views

[SECURITY] [DLA 3090-1] php-horde-turba security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3090-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb August 31, 2022 https://wiki.debian.org/LTS -...

8CVSS7.8AI score0.70276EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2022/02/21 8:55 a.m.2 views

rubygem-json: Unsafe object creation vulnerability in JSON

A flaw was found in rubygem-json. While parsing certain JSON documents, the json gem including the one bundled with Ruby can be coerced into creating arbitrary objects in the target system. This is the same issue as CVE-2013-0269...

7.5CVSS7.2AI score0.06811EPSS
Exploits0References5
CNVD
CNVD
added 2022/01/06 12:0 a.m.20 views

CodeIgniter code issues vulnerabilities

CodeIgniter is an open source Web framework written in PHP. codeIgniter is vulnerable to a code issue that stems from the deserialization of untrusted data found in the old function of the software. A remote attacker could use the vulnerability to inject an arbitrary object with the vulnerability...

9.8CVSS4.4AI score0.37671EPSS
Exploits0References1
Veracode
Veracode
added 2021/06/03 2:32 a.m.30 views

Prototype Pollution

merge-deep is vulnerable to prototype pollution. The vulnerability exists as it is possible to overwrite Object.prototype with arbitrary object properties in the merge function...

9.8CVSS3.3AI score0.01901EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2020/08/20 8:15 a.m.9 views

CVE-2020-10289

Use of unsafe yaml load. Allows instantiation of arbitrary objects. The flaw itself is caused by an unsafe parsing of YAML values which happens whenever an action message is processed to be sent, and allows for the creation of Python objects. Through this flaw in the ROS core package of actionlib...

8.8CVSS8.9AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2020/06/23 1:9 p.m.5 views

rubygem-json: Unsafe object creation vulnerability in JSON

A flaw was found in rubygem-json. While parsing certain JSON documents, the json gem including the one bundled with Ruby can be coerced into creating arbitrary objects in the target system. This is the same issue as CVE-2013-0269...

7.5CVSS7.2AI score0.06811EPSS
Exploits0References5
CNVD
CNVD
added 2020/04/29 12:0 a.m.1 views

Ruby JSON gem input validation error vulnerability

Ruby JSON gem is a Ruby-based package for parsing JSON from text and generating JSON text from Ruby objects. An input validation error vulnerability in Ruby JSON gem version 2.2.0 and earlier can be exploited to force the creation of arbitrary objects on a target system...

7.5CVSS6.6AI score0.06811EPSS
Exploits0References1
CNVD
CNVD
added 2020/02/13 12:0 a.m.2 views

Multiple Phar Deserialization Vulnerabilities in SuiteCRM

SuiteCRM is a free and open source customer relationship management application. SuiteCRM suffers from multiple Phar deserialization vulnerabilities. An attacker can exploit the vulnerabilities to inject arbitrary PHP objects into the scope of the application, allowing the execution of various...

7.2CVSS7.6AI score0.02805EPSS
Exploits1References1
Cvelist
Cvelist
added 2019/04/26 4:13 p.m.33 views

CVE-2019-9791

The type inference system allows the compilation of functions that can cause type confusions between arbitrary objects when compiled through the IonMonkey just-in-time JIT compiler and when the constructor function is entered through on-stack replacement OSR. This allows for possible arbitrary...

9.5AI score0.19762EPSS
Exploits6References6
AlpineLinux
AlpineLinux
added 2019/04/26 4:13 p.m.764 views

CVE-2019-9791

The type inference system allows the compilation of functions that can cause type confusions between arbitrary objects when compiled through the IonMonkey just-in-time JIT compiler and when the constructor function is entered through on-stack replacement OSR. This allows for possible arbitrary...

9.8CVSS9.6AI score0.19762EPSS
Exploits6
CVE
CVE
added 2019/04/26 4:13 p.m.371 views

CVE-2019-9791

CVE-2019-9791 affects Thunderbird and Firefox (including Firefox ESR) and stems from the IonMonkey JIT: type confusion for constructors entered via on-stack replacement. The advisory notes that the vulnerability can enable arbitrary reading/writing of objects during an exploitable crash, with fix...

9.8CVSS9.3AI score0.19762EPSS
Exploits6References6Affected Software2
GoogleProjectZero
GoogleProjectZero
added 2018/08/14 12:0 a.m.62 views

Windows Exploitation Tricks: Exploiting Arbitrary Object Directory Creation for Local Elevation of Privilege

Posted by James Forshaw, Project Zero And we’re back again for another blog in my series on Windows Exploitation tricks. This time I’ll detail how I was able to exploit Issue 1550 which results in an arbitrary object directory being created by using a useful behavior of the CSRSS privileged...

7.4AI score
Exploits0
CNVD
CNVD
added 2017/08/30 12:0 a.m.4 views

NetApp StorageGRID Webscale Arbitrary Object Deletion Vulnerability

NetApp StorageGRID Webscale is a suite of scalable object storage software from American NetApp. A security vulnerability exists in NetApp StorageGRID Webscale, which allows remote attackers to exploit the vulnerability to commit special deletion of arbitrary objects...

6.5CVSS6.6AI score0.01632EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/07 12:0 a.m.8 views

PostgreSQL PL/Java Arbitrary Object Access Vulnerability

PostgreSQL PL/Java is the PostgreSQL development team developed a database can be used in Java code to write stored procedures , triggers and functions of the open source project . A security vulnerability exists in PostgreSQL PL/Java 9.0 and earlier versions. An attacker can exploit the...

7.5CVSS7.6AI score0.01362EPSS
Exploits0References1
Rows per page
Query Builder