OpenSC Memory Leak Vulnerability
OpenSC is an open source smart card tool and middleware. A security vulnerability exists in the 'sc_context_create' function in the ctx.c file of libopensc in OpenSC version 0.19.0. An attacker can exploit this vulnerability to cause a denial of service memory leak...
DEBIAN-CVE-2019-6502
sc_context_create in ctx.c in libopensc in OpenSC 0.19.0 has a memory leak, as demonstrated by a call from eidenv...
SIDU 6.0 Cross Site Scripting
Exploit Title: SIDU 6.0 Database Web GUI | Cross-Site Scripting Date: 17.01.2019 Exploit Author: Ozer Goker Vendor Homepage: http://topnew.net/sidu Software Link: http://downloads.sourceforge.net/sidu/sidu60.zip Version: 6.0 Introduction SIDU is a database front-end tool GUI SIDU is a FREE databa...
Privilege Escalations
Foreman is vulnerable to privilege escalation attacks. The vulnerability exists because the create method in app/controllers/users_controller.rb in Foreman before 1.2.0-RC2 allows remote authenticated users with permissions to create or edit other users to gain privileges by (1) changing the admin flag o...
UBUNTU-CVE-2019-6129
png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as demonstrated by pngcp. NOTE: a third party has stated "I don't think it is libpng's job to free this buffer...
PT-2019-4184 · Libpng Developers +2 · Libpng +2
Name of the Vulnerable Software and Affected Versions: libpng version 1.6.36 Description: The issue is related to a memory leak in the png_create_info_struct function in libpng. This leak occurs as demonstrated by pngcp. A third party has stated that they do not think it is libpng's job to free...
phpMoAdmin MongoDB GUI 1.1.5 - Cross-Site Request Forgery / Cross-Site Scripting
Exploit Title: phpMoAdmin 1.1.5 - MongoDB GUI | Multiple Vulnerabilities Date: 03.01.2019 Exploit Author: Ozer Goker Vendor Homepage: http://www.phpmoadmin.com Software Link: http://www.phpmoadmin.com/file/phpmoadmin.zip Version: 1.1.5 Introduction phpMoAdmin - MongoDB GUI MongoDB administration...
Cross site scripting
Persistent XSS exists in XSLT CMS via the create/?action=items.edit&type=Page title field...
CVE-2018-19904
Persistent XSS exists in XSLT CMS via the create/?action=items.edit&type=Page "body" field...
CVE-2018-19903
Persistent XSS exists in XSLT CMS via the create/?action=items.edit&type=Page title field...
CVE-2018-19903
This CVE concerns XSLT CMS, a PHP/XML/XSLT-based content management system. The vulnerability is a Persistent XSS flaw exploited through the title field in the create/?action=items.edit&type=Page endpoint, enabling injection of script/HTML. Root cause, per the description, is improper handling/es...
CVE-2018-19904
CVE-2018-19904 corresponds to a Persistent XSS in XSLT CMS, exploitable via the create/?action=items.edit&type=Page endpoint in the body field. The vulnerability is documented across multiple sources (NVD entry and related advisories) and is described as XSS affecting the body field, with PoC ind...
CVE-2018-20502
An issue was discovered in Bento4 1.5.1-627. There is an attempt at excessive memory allocation in the AP4_DataBuffer class when called from AP4_HvccAtom::Create in Core/Ap4HvccAtom.cpp...
UBUNTU-CVE-2018-20502
An issue was discovered in Bento4 1.5.1-627. There is an attempt at excessive memory allocation in the AP4_DataBuffer class when called from AP4_HvccAtom::Create in Core/Ap4HvccAtom.cpp...
Bento4 Memory Leak Vulnerability
Bento4 is a C++ class library and tool for reading and writing ISO-MP4 files. A memory leak vulnerability exists in AP4_StdcFileByteStream::Create in System/StdC/Ap4StdCFileByteStream.cpp in Bento4 1.5.1-627, which can be exploited by an attacker to cause a denial of service...
Bento4 Buffer Out-of-Bounds Read Vulnerability (CNVD-2019-07056)
Bento4 is an open source C++ library for reading and writing MP4 files. A heap buffer out-of-bounds read vulnerability exists in the 'AP4_AvccAtom::Create' function of the Core/Ap4AvccAtom.cpp file in Bento4 version 1.5.1-627, which can be exploited by an attacker to cause a denial of service...
Bento4 memory leak vulnerability (CNVD-2019-07058)
Bento4 is a C++ class library and tool for reading and writing ISO-MP4 files. A memory leak vulnerability exists in AP4_DescriptorFactory::CreateDescriptorFromStream in Core/Ap4DescriptorFactory.cpp in Bento4 1.5.1-627, which can be exploited by an attacker to cause a denial of service...
CVE-2018-20409
An issue was discovered in Bento4 1.5.1-627. There is a heap-based buffer over-read in AP4_AvccAtom::Create in Core/Ap4AvccAtom.cpp, as demonstrated by mp42hls...