9162 matches found
CVE-2017-12677
IdentityServer3 2.4.x, 2.5.x, and 2.6.x before 2.6.1 has XSS in an Angular expression on the authorize response page, which might allow remote attackers to obtain sensitive information about the IdentityServer authorization response...
Expression Injection Vulnerability in Kingdee GSiS Government Service Platform
GSiS government service platform is an integrated product developed by Kingdee to integrate government affairs disclosure, government services and e-surveillance on a unified e-government platform. Expression injection vulnerability exists in Kingdee GSiS government service platform. It allows...
Regular Expression Denial Of Service (ReDoS)
Moodle is vulnerable to Regular Expression Denial Of Service ReDoS attacks. The attacks can be triggered because of the use of a non-optimal regular expression in the URLs filter in filter/urltolink/filter.php, causing high CPU consumption during URL conversion...
[SECURITY] Fedora 25 Update: yara-3.6.3-1.fc25
YARA is a tool aimed at but not limited to helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families or whatever you want to describe based on textual or binary patterns. Each description, a.k.a rule, consists of a set of strin...
offsetexpressionprinting.com XSS vulnerability
Vulnerable URL: http://offsetexpressionprinting.com/tagproducts.php?idtag=4%22%3E%3Csvg%2Fonload%3Dprompt%2FOPENBUGBOUNTY%2F%3E Details: Description| Value ---|--- Patched:| Yes, at 27.11.2017 Latest check for patch:| 27.11.2017 16:36 GMT Vulnerability type:| XSS Vulnerability status:| Publicly...
Code injection
Biscom Secure File Transfer is vulnerable to AngularJS expression injection in the Display Name field. An authenticated user can populate this field with a valid AngularJS expression, wrapped in double curly-braces . This expression will be evaluated by any other authenticated user who views the...
CVE-2017-5246
Biscom Secure File Transfer is vulnerable to AngularJS expression injection in the Display Name field. An authenticated user can supply a valid AngularJS expression ({{ … }}) which will be evaluated by other authenticated users viewing the attacker’s display name. Affected versions are 5.0.0000 t...
CVE-2017-5246
Biscom Secure File Transfer is vulnerable to AngularJS expression injection in the Display Name field. An authenticated user can populate this field with a valid AngularJS expression, wrapped in double curly-braces . This expression will be evaluated by any other authenticated user who views the...
rack-cors CORS request vulnerability
rack-cors is a middleware for resource sharing across sources. regex is a regular expression created in it. A security vulnerability exists in the regex created in versions of rack-cors prior to 0.4.1. An attacker can exploit this vulnerability to execute cross-origin resource sharing requests...
CVE-2017-11164
In PCRE 8.41, the OPKETRMAX feature in the match function in pcreexec.c allows stack exhaustion uncontrolled recursion when processing a crafted regular expression...
Code injection
In PCRE 8.41, the OPKETRMAX feature in the match function in pcreexec.c allows stack exhaustion uncontrolled recursion when processing a crafted regular expression...
CVE-2017-11164
In PCRE 8.41, the OPKETRMAX feature in the match function in pcreexec.c allows stack exhaustion uncontrolled recursion when processing a crafted regular expression...
CVE-2017-11164
In PCRE 8.41, the OPKETRMAX feature in the match function in pcreexec.c allows stack exhaustion uncontrolled recursion when processing a crafted regular expression...
CVE-2017-11164
In PCRE 8.41, the OPKETRMAX feature in the match function in pcreexec.c allows stack exhaustion uncontrolled recursion when processing a crafted regular expression...
CVE-2017-11164
In PCRE 8.41, the OPKETRMAX feature in the match function in pcreexec.c allows stack exhaustion uncontrolled recursion when processing a crafted regular expression...
U.S. Dept Of Defense: Remote Code Execution (RCE) in a DoD website
Summary: One of the DoD applications uses a java library which is vulnerable to expression language injection. Using only an URL I was able to inject java code. I made a simple PoC that requests a name resolution to a DNS server. Description: The application at https://███ uses Primefaces version...
FreeBSD : oniguruma -- multiple vulnerabilities (b396cf6c-62e6-11e7-9def-b499baebfeaf)
the PHP project reports : - A stack out-of-bounds read occurs in matchat during regular expression searching. A logical error involving order of validation and access in matchat could result in an out-of-bounds read from a stack buffer CVE-2017-9224. - A heap out-of-bounds write or read occurs in...
CVE-2017-9229
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A SIGSEGV occurs in leftadjustcharhead during regular expression compilation. Invalid handling of reg-dmax in forwardsearchrange could result in an invalid pointer...
CVE-2017-9225
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds write in onigencunicodegetcasefoldcodesbystr occurs during regular expression compilation. Code point 0xFFFFFFFF is not properly handled in...
CVE-2017-9226
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write or read occurs in nextstateval during regular expression compilation. Octal numbers larger than 0xff are not handled correctly in fetchtoken and...