31254 matches found
Open-xchange OX App Suite 跨站脚本漏洞
OX App Suite is a modular platform designed for telcos, hosting companies and vendors to deliver a wide range of cloud-based services. A cross-site scripting vulnerability exists in OX App Suite 7.10.4. An attacker could exploit this vulnerability via an inline binary to conduct a cross-site...
golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs
A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The...
CVE-2021-23240
A race condition vulnerability was found in the temporary file handling of sudoedit's SELinux RBAC support. On systems where SELinux is enabled, this flaw allows a malicious user with sudoedit permissions to set the owner of an arbitrary file to the user ID of the target user, potentially leading...
Path traversal
Certificate validation in node-sass 2.0.0 to 4.14.1 is disabled when requesting binaries even if the user is not specifying an alternative download path...
CVE-2020-24025
CVE-2020-24025 affects node-sass versions from 2.0.0 through 4.14.1, where certificate validation is disabled when requesting binaries, even if no alternative download path is specified. This can enable TLS validation bypass when fetching binaries. The description does not specify affected OSes o...
Binary Vulnerability in Tenda W18E Enterprise Router
The Tenda W18E is an enterprise router. A binary vulnerability exists in the Tenda W18E Enterprise Router, which can be exploited by attackers to cause a denial of service attack...
Dell Wyse Management Suite Installed
Binary data dellwysemanagementsuitewininstalled.nbin...
Microsoft Teams Installed (Windows)
Binary data microsoftteamswininstalled.nbin...
Google Chrome < 87.0.4280.141 Multiple Vulnerabilities
Binary data 701296.pasl...
Binary Vulnerability in Mitochrome 2.0
Meitu Look 2.0 is the universal picture viewing software. A binary vulnerability exists in Mito Look 2.0, which can be exploited by an attacker to gain control of a server...
Binary Vulnerability in WPS Office Professional Edition
WPS Office is an office software suite independently developed by Kingsoft Corporation Limited, which can realize the most commonly used office software text, tables, presentations, PDF reading and other functions. A binary vulnerability exists in WPS Office Professional Edition, which can be...
Binary Vulnerability in WPS Office Professional (CNVD-2021-03295)
WPS Office is an office software suite independently developed by Kingsoft Corporation Limited, which can realize the most commonly used office software text, tables, presentations, PDF reading and other functions. A binary vulnerability exists in WPS Office Professional Edition, which can be...
Binary Vulnerability in WPS Office Professional (CNVD-2021-03294)
WPS Office is an office software suite independently developed by Kingsoft Corporation Limited, which can realize the most commonly used office software text, tables, presentations, PDF reading and other functions. A binary vulnerability exists in WPS Office Professional Edition, which can be...
CVE-2020-26292
Creeper is an experimental dynamic, interpreted language. The binary release of Creeper Interpreter 1.1.3 contains potential malware. The compromised binary release was available for a few hours between December 26, 2020 at 3:22 PM EST to December 26, 2020 at 11:00 PM EST. If you used the source...
CVE-2020-26292
Creeper is an experimental dynamic, interpreted language. The binary release of Creeper Interpreter 1.1.3 contains potential malware. The compromised binary release was available for a few hours between December 26, 2020 at 3:22 PM EST to December 26, 2020 at 11:00 PM EST. If you used the source...
CVE-2020-26292
CVE-2020-26292 concerns Creeper, an experimental dynamic language. The vulnerability is limited to the binary release of Creeper Interpreter 1.1.3, not the source code. The compromised binary was briefly available on Dec 26, 2020 (about 3:22 PM–11:00 PM EST) and has since been removed. If you dow...
CVE-2020-26292 Potential Malware Discovered (Possible False Positive)
Creeper is an experimental dynamic, interpreted language. The binary release of Creeper Interpreter 1.1.3 contains potential malware. The compromised binary release was available for a few hours between December 26, 2020 at 3:22 PM EST to December 26, 2020 at 11:00 PM EST. If you used the source...
DEBIAN-CVE-2020-35495
There's a flaw in binutils /bfd/pef.c. An attacker who is able to submit a crafted input file to be processed by the objdump program could cause a null pointer dereference. The greatest threat from this flaw is to application availability. This flaw affects binutils versions prior to 2.34...
NetApp API Compliance Checks
Binary data netappapicompliancecheck.nbin...
ZTE ROSNG Compliance Checks
Binary data ztecompliancecheck.nbin...