1436 matches found
Autodesk Design Review Code Issue Vulnerability
Autodesk Design Review (ADR) is an auxiliary application for Autodesk's AutoCAD drafting software. The software supports viewing, marking, measuring, printing and tracking changes to 2D and 3D design files. A code issue vulnerability exists in Autodesk Design Review. An attacker could exploit...
Debian: Security Advisory (DLA-1896-1)
The remote host is missing an update for the Debian...
tourdekids.cz Cross Site Scripting vulnerability
Security Researcher metamorfosec, a holder of 9 badges for responsible and coordinated disclosure, found a security vulnerability affecting tourdekids.cz website and its users. Following...
Apache Commons Beanutils Code Issue Vulnerability
Apache Commons Beanutils is a package from the Apache Software Foundation (United States) that provides tools for manipulating JavaBeans. A code issue vulnerability exists in Apache Commons Beanutils version 1.9.2, which can be exploited by an attacker to execute arbitrary code/commands...
Security Update for Microsoft SharePoint Foundation 2013 (KB4475565) farm-deployment
A security vulnerability exists in Microsoft SharePoint Foundation 2013 that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability...
CVE-2019-14486
GnuCOBOL 2.2 has a buffer overflow in cb_evaluate_expr in cobc/field.c via crafted COBOL source code...
CVE-2019-1010176
JerryScript commit 4e58ccf68070671e1fff5cd6673f0c1d5b80b166 is affected by: Buffer Overflow. The impact is: denial of service and possibly arbitrary code execution. The component is: function lit_char_to_utf8_bytes (jerry-core/lit/lit-char-helpers.c:377). The attack vector is: executing crafted...
FFmpeg Code Problem Vulnerability
FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A code issue vulnerability exists in FFmpeg version 4.1.3. The vulnerability arises from a design or implementation issue during code development for a networked system or product. No detai...
leejofa.com Open Redirect vulnerability
Security Researcher geeknik, a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting leejofa.com website and its users. Following coordinated a...
costatropical.es Cross Site Scripting vulnerability
Security Researcher Renzi, a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting costatropical.es website and its users. Following coordinate...
MiniFtp - parseconf_load_setting Buffer Overflow Exploit
Exploit for linux platform in category local exploits. Exploit Title: MiniFtp parseconf_load_setting local-bufferoverflow 318 bytes; Exploit Author: strider; Vendor Homepage: https://github.com/skyqinsc/MiniFtp; Software Link: https://github.com/skyqinsc/MiniFtp; Tested on: Debian 9 Stretch i386/ Kali...
CVE-2019-9227
An issue was discovered in baigo CMS 2.1.1. There is a vulnerability that allows remote attackers to execute arbitrary code. A BGSITENAME parameter with malicious code can be written into the optbase.inc.php file...
U.S. Dept Of Defense: [https://███] Local File Inclusion via graph.php
Summary: There exists a Local File Inclusion vulnerability on https://████ due to a known vulnerability in the ZendTo library. This was fixed in Version 5.16-6 Beta, although ██████ is still running ZendTo 5.11. Impact: This allows path traversal in a file name that is then returned to the user...
MGASA-2019-0043 Updated libssh packages fix security vulnerability
libssh versions 0.6 and above have an authentication bypass vulnerability in the server code. By presenting the server an SSH2_MSG_USERAUTH_SUCCESS message in place of the SSH2_MSG_USERAUTH_REQUEST message which the server would expect to initiate authentication, the attacker could successfully...
WordPress Plugin Audio Record 1.0 - Arbitrary File Upload
Exploit Title: WordPress Plugin Audio Record 1.0 - Arbitrary File Upload; Date: 2018-12-24; Software Link: https://wordpress.org/plugins/audio-record/; Exploit Author: Kaimi; Website: https://kaimi.io; Version: 1.0; Category: webapps. Unrestricte...
valentino.com XSS vulnerability
Open Bug Bounty ID: OBB-705930

Description| Value
---|---
Affected Website:| valentino.com
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| Custom Code
Vulnerability Type:| XSS Cross Site Scripting / CWE-79
CVSSv3 Score:| 6.1...

CVE-2018-5877
CVE-2018-5877 describes a vulnerability in the device programmer target-side code for firehose used on Qualcomm Snapdragon platforms. The issue arises because a string may not be properly NULL terminated, potentially leading to an incorrect buffer size in Snapdragon Automotive, Mobile, and Wear d...
info.stanjohnsonco.com XSS vulnerability
Open Bug Bounty ID: OBB-695761

Description| Value
---|---
Affected Website:| info.stanjohnsonco.com
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| Custom Code
Vulnerability Type:| XSS Cross Site Scripting / CWE-79
CVSSv3 Score:| 6.1...

CVE-2018-16840
A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the Curl_close function, the library code first frees a struct without nulling the pointer and might then subsequently...
Integer Overflow or Wraparound
In the client in Bytom checkTopicRegister in p/discover/net.go does not prevent negative idx values, leading to a crash...