24 matches found
Synacor Zimbra Collaboration Suite (ZCS) PHP Remote File Inclusion Vulnerability
Synacor Zimbra Collaboration Suite (ZCS) contains a PHP remote file inclusion vulnerability that could allow remote attackers to craft requests to the /h/rest endpoint to influence internal request dispatching, allowing inclusion of arbitrary files from the WebRoot directory...
CVE-2019-14392
cPanel before 80.0.22 allows remote code execution by a demo account because of incorrect URI dispatching (SEC-501)...
GO-2024-2597 Integer overflow in chunking helper causes dispatching to miss elements or panic in github.com/authzed/spicedb
Integer overflow in chunking helper causes dispatching to miss elements or panic in github.com/authzed/spicedb...
GHSA-H3M7-RQC4-7H9P Integer overflow in chunking helper causes dispatching to miss elements or panic
Any SpiceDB cluster with any schema where a resource being checked has more than 65535 relationships for the same resource and subject type is affected by this problem. The issue may also lead to a panic, rendering the server unavailable. The following API methods are affected: - CheckPermission -...
Integer overflow
SpiceDB is an open source, Google Zanzibar-inspired database for creating and managing security-critical application permissions. Integer overflow in chunking helper causes dispatching to miss elements or panic. Any SpiceDB cluster with any schema where a resource being checked has more than 6553...
CVE-2024-27101 Integer overflow in chunking helper causes dispatching to miss elements or panic
SpiceDB is an open source, Google Zanzibar-inspired database for creating and managing security-critical application permissions. Integer overflow in chunking helper causes dispatching to miss elements or panic. Any SpiceDB cluster with any schema where a resource being checked has more than 6553...
[SECURITY] Fedora 36 Update: python-slixmpp-1.8.3-1.fc36
Slixmpp is an MIT licensed XMPP library for Python 3.5+. It is a fork of SleekXMPP. The goal is to rewrite only the core of the library (the low-level socket handling, the timers, the event dispatching) in order to remove all threads...
Nitro Pro PDF JavaScript TimeOutObject double free vulnerability
Summary: An exploitable double-free vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted document can cause a reference to a timeout object to be stored in two different places. When closed, the document will result in the reference being released twice. This...
CVE-2020-26108
cPanel before 88.0.13 mishandles file-extension dispatching, leading to code execution (SEC-488)...
Code injection
cPanel before 88.0.13 mishandles file-extension dispatching, leading to code execution (SEC-488)...
Amazon Delivery Drivers Hacking Scheduling System
Amazon drivers -- all gig workers who don't work for the company -- are hanging cell phones in trees near Amazon delivery stations, fooling the system into thinking that they are closer than they actually are: The phones in trees seem to serve as master devices that dispatch routes to multiple...
[SECURITY] Fedora 30 Update: python-slixmpp-1.4.2-1.fc30
Slixmpp is an MIT licensed XMPP library for Python 3.5+. It is a fork of SleekXMPP. The goal is to rewrite only the core of the library (the low-level socket handling, the timers, the event dispatching) in order to remove all threads...
CVE-2019-14392
CVE-2019-14392 affects cPanel prior to 80.0.22, where incorrect URI dispatching enables remote code execution from a demo account (SEC-501). Impact: remote code execution with high severity; no in-wild exploit details provided in the sources. Remediation: upgrade to 80.0.22 or later. If known, ve...
Fedora 27 : mozilla-noscript (2018-09c51bbcec)
Changes since 10.1.8.16: === v 10.1.9.6 ============================================================= - TB Gracefully handle legacy external message recipients - XSS Updated known HTML5 events - Better IPV6 support - UI support for protocol-only entries v 10.1.9.5...
SQL Injection Vulnerability in Shanghai Sizen GPS Global Positioning Monitoring and Dispatching System
Shanghai Sizen GPS Global Positioning Monitoring and Dispatching System is a set of integrated GPS, GIS, GPRS or CDMA1X and compatible with GSM technology to provide users with mobile target positioning, monitoring, scheduling, alarming, information communication and other services. SQL injection...
Apple Mac OSX - 'IOBluetoothHCIUserClient' Arbitrary Kernel Code Execution
Source: https://code.google.com/p/google-security-research/issues/detail?id=569 IOBluetoothHCIUserClient uses an IOCommandGate to dispatch external methods; it passes a pointer to the structInput of the external method as arg0 and ::SimpleDispatchWL as the Action. It neither passes nor checks t...
IBM Tivoli Storage Manager FastBack Server Opcode 8192 Stack Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of opcode 8192. By sending a crafted packet on TCP...