12 matches found
CVE-2026-40227
A flaw was found in systemd. A local unprivileged user can exploit this vulnerability by making an Inter-Process Communication IPC API call with a specially crafted array or map containing a null element. This can trigger an assert, leading to a Denial of Service DoS condition, which makes the...
Serialize JavaScript 安全漏洞
"Serialize JavaScript" is a Yahoo open-source project that serializes JavaScript into JSON super sets containing regular expressions and functions. Versions of "Serialize JavaScript" prior to 7.0.5 contained security vulnerabilities. These vulnerabilities stemmed from the use of a specially craft...
K51743312: NTP vulnerability CVE-2018-7183
Security Advisory Description Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array. CVE-2018-7183 Impact There is no impact; F5 products are not...
SUSE CVE-2018-7183
Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array...
Buffer overflow
Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array...
CVE-2018-7183
Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array...
CVE-2018-7183
Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array...
CVE-2018-7183
Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array...
CVE-2011-3735
Escort Agency CMS aka escort-agency-cms allows remote attackers to obtain sensitive information via crafted array parameters in a request to a .php file, which reveals the installation path in an error message, as demonstrated by makethumb.php and certain other files...
Design/Logic Flaw
Escort Agency CMS aka escort-agency-cms allows remote attackers to obtain sensitive information via crafted array parameters in a request to a .php file, which reveals the installation path in an error message, as demonstrated by makethumb.php and certain other files...
CVE-2011-3735
Escort Agency CMS aka escort-agency-cms allows remote attackers to obtain sensitive information via crafted array parameters in a request to a .php file, which reveals the installation path in an error message, as demonstrated by makethumb.php and certain other files...
Format string
Array index vulnerability in Microsoft Office Excel 2000 SP3 and 2002 SP3, and Office 2004 and 2008 for Mac allows remote attackers to execute arbitrary code via an Excel file with a crafted array index for a FORMAT record, aka the "Excel Index Array Vulnerability."...