Fedora 40 : python-scrapy (2024-c27b82d702)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-c27b82d702 advisory. - Update to 2.11.2 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

Oracle Database Password Hash Unauthorized Access

Title: CVE-2020-2969 – Unauthorized Access to Password Hashes by Account with DBA role Product: Database Manufacturer: Oracle Affected Versions: 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c, 19c Tested Versions: 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c, 19c Risk Level: Medium Solution Status: Fixed CVE Reference:...

SUSE CVE-2018-19490

An issue was discovered in datafile.c in Gnuplot 5.2.5. This issue allows an attacker to conduct a heap-based buffer overflow with an arbitrary amount of data in dfgenerateasciiarrayentry. To exploit this vulnerability, an attacker must pass an overlong string as the right bound of the range...

DEBIAN-CVE-2019-10879

In Teeworlds 0.7.2, there is an integer overflow in CDataFileReader::Open in engine/shared/datafile.cpp that can lead to a buffer overflow and possibly remote code execution, because size-related multiplications are mishandled...

DEBIAN-CVE-2019-10878

In Teeworlds 0.7.2, there is a failed bounds check in CDataFileReader::GetData and CDataFileReader::ReplaceData and related functions in engine/shared/datafile.cpp that can lead to an arbitrary free and out-of-bounds pointer write, possibly resulting in remote code execution...

UBUNTU-CVE-2019-10878

In Teeworlds 0.7.2, there is a failed bounds check in CDataFileReader::GetData and CDataFileReader::ReplaceData and related functions in engine/shared/datafile.cpp that can lead to an arbitrary free and out-of-bounds pointer write, possibly resulting in remote code execution...

Gnuplot Buffer Overflow Vulnerability (CNVD-2019-00240)

Gnuplot is an open source plotting software. A buffer overflow vulnerability exists in the datafile.c file in Gnuplot version 5.2.5. An attacker can exploit this vulnerability to hijack the control flow with the help of extra-long strings...

Heap overflow

An issue was discovered in datafile.c in Gnuplot 5.2.5. This issue allows an attacker to conduct a heap-based buffer overflow with an arbitrary amount of data in dfgenerateasciiarrayentry. To exploit this vulnerability, an attacker must pass an overlong string as the right bound of the range...

CVE-2018-19490

An issue was discovered in datafile.c in Gnuplot 5.2.5. This issue allows an attacker to conduct a heap-based buffer overflow with an arbitrary amount of data in dfgenerateasciiarrayentry. To exploit this vulnerability, an attacker must pass an overlong string as the right bound of the range...

DEBIAN-CVE-2018-19490

An issue was discovered in datafile.c in Gnuplot 5.2.5. This issue allows an attacker to conduct a heap-based buffer overflow with an arbitrary amount of data in dfgenerateasciiarrayentry. To exploit this vulnerability, an attacker must pass an overlong string as the right bound of the range...

xNewsletter 1.0 Form Field Input Validation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4516/info xNewsletter is a script that allows web users to subscribe to a newsletter. It is written in PHP and will run on most Unix and Linux variants, as well as Microsoft Windows operating systems. xNewsletter does not...

Notepad Dog microblogging V3. 6. 1 Build 2 0 A 1 2 0 7 1 8 background to get shell-vulnerability warning-the black bar safety net

Notepad Dog microblogging system, the background presence of design defects that can lead to get backstage access to the shell Version: V3. 6. 1 Build 2 0 a 1 2 0 7 1 8 1. System Tools-data backup-custom backup-select a data amount smaller table-more options-select compress backup...

Webgrind 1.0 Cross Site Scripting

webgrind 1.0 dataFile Remote Reflected XSS Vulnerability Vendor: Joakim Nygard and Jacob Oettinger Product web page: http://code.google.com/p/webgrind Affected version: 1.0 Summary: Webgrind is an Xdebug profiling web frontend in PHP5. Desc: webgrind suffers from a XSS vulnerability when parsing...

DataFile - upload and Management Arbitrary File Upload

DataFile - upload and Management Arbitrary File Upload : Exploit Title: Data/File upload and management local shell upload : : Date: 14/10/2010 : : Author: saudi0hacker : : Software Link: http://resellscripts.info/index.php?route=product/product&productid=137 : : Version: All version : : Tested o...

CVE-2009-2548

Format string vulnerability in Armed Assault aka ArmA 1.14 and earlier, and 1.16 beta, and Armed Assault II 1.02 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via format string specifiers in the 1 nickname and 2 datafile fields in a joi...

xNewsletter 1.0 - Form Field Input Validation

source: https://www.securityfocus.com/bid/4516/info xNewsletter is a script that allows web users to subscribe to a newsletter. It is written in PHP and will run on most Unix and Linux variants, as well as Microsoft Windows operating systems. xNewsletter does not sanitize dangerous characters fro...