14 matches found
EUVD-2020-7792
Malware in sbrugna...
CVE-2020-15809
spxmanage on certain SpinetiX devices allows requests that access unintended resources because of SSRF and Path Traversal. This affects HMP350, HMP300, and DiVA through 4.5.2-1.0.36229; HMP400 and HMP400W through 4.5.2-1.0.2-1eb2ffbd; and DSOS through 4.5.2-1.0.2-1eb2ffbd...
CVE-2020-15809
spxmanage on certain SpinetiX devices allows requests that access unintended resources because of SSRF and Path Traversal. This affects HMP350, HMP300, and DiVA through 4.5.2-1.0.36229; HMP400 and HMP400W through 4.5.2-1.0.2-1eb2ffbd; and DSOS through 4.5.2-1.0.2-1eb2ffbd...
Path traversal
spxmanage on certain SpinetiX devices allows requests that access unintended resources because of SSRF and Path Traversal. This affects HMP350, HMP300, and DiVA through 4.5.2-1.0.36229; HMP400 and HMP400W through 4.5.2-1.0.2-1eb2ffbd; and DSOS through 4.5.2-1.0.2-1eb2ffbd...
CVE-2020-15809
spxmanage on certain SpinetiX devices allows requests that access unintended resources because of SSRF and Path Traversal. This affects HMP350, HMP300, and DiVA through 4.5.2-1.0.36229; HMP400 and HMP400W through 4.5.2-1.0.2-1eb2ffbd; and DSOS through 4.5.2-1.0.2-1eb2ffbd...
CVE-2020-15809
CVE-2020-15809 affects SpinetiX devices via spxmanage, enabling SSRF and Path Traversal to access unintended resources. Affected are: HMP350, HMP300 and DiVA up to 4.5.2-1.0.36229; HMP400 and HMP400W up to 4.5.2-1.0.2-1eb2ffbd; and DSOS up to 4.5.2-1.0.2-1eb2ffbd. Root cause is SSRF/Path Traversa...
SpinetiX SpinetiX 路径遍历漏洞
SpinetiX is an application platform from SpinetiX Germany. A solution suite is available. A security vulnerability exists in SpinetiX devices that originates from requests to access unintended resources due to SSRF and path traversal. The following products and versions are affected: HMP350,...
glibc security, bug fix, and enhancement update
2.17-222 - Restore internal GLIBCPRIVATE symbols for use during upgrades 1523119 2.17-221 - CVE-2018-1000001: Fix realpath buffer underflow 1534635 - i386: Fix unwinding for 32-bit C++ application 1529982 - Reduce thread and dynamic loader stack usage 1527904 - x86-64: Use XSAVE/XSAVEC more often...
Mandriva Linux Security Advisory : apache (MDVSA-2012:154-1)
Multiple vulnerabilities has been found and corrected in apache ASF HTTPD : Insecure handling of LDLIBRARYPATH was found that could lead to the current working directory to be searched for DSOs. This could allow a local user to execute code as root if an administrator runs apachectl from an...
CVE-2011-4122
Directory traversal vulnerability in openpamconfigure.c in OpenPAM before r478 on FreeBSD 8.1 allows local users to load arbitrary DSOs and gain privileges via a .. dot dot in the servicename argument to the pamstart function, as demonstrated by a .. in the -c option to kcheckpass...
CVE-2008-4844
Use-after-free vulnerability in the CRecordInstance::TransferToDestination function in mshtml.dll in Microsoft Internet Explorer 5.01, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via DSO bindings involving 1 an XML Island, 2 XML DSOs, or 3 Tabular Data Control TDC in a craft...
CVE-2008-4844
Use-after-free vulnerability in the CRecordInstance::TransferToDestination function in mshtml.dll in Microsoft Internet Explorer 5.01, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via DSO bindings involving 1 an XML Island, 2 XML DSOs, or 3 Tabular Data Control TDC in a craft...
CVE-2008-4844
CVE-2008-4844 is a use-after-free vulnerability in the MSHTML component (CRecordInstance::TransferToDestination) of mshtml.dll that affects Internet Explorer 5.01/6/6 SP1/7. Exploitation enables remote code execution via crafted HTML/XML containing DSO bindings (XML Island, XML DSOs, or Tabular D...
VulnCheck KEV: CVE-2008-4844
Use-after-free vulnerability in the CRecordInstance::TransferToDestination function in mshtml.dll in Microsoft Internet Explorer 5.01, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via DSO bindings involving 1 an XML Island, 2 XML DSOs, or 3 Tabular Data Control TDC in...