8 matches found
TOTOLINK CA300-PoE Command Injection Vulnerability
The TOTOLINK CA300-PoE is a wireless access point device manufactured by China's Gion Electronics TOTOLINK. TOTOLINK CA300-PoE suffers from a command injection vulnerability that stems from the improper handling of the parameter FileName in the file upgrade.so, no details of the vulnerability are...
CVE-2022-3969
A vulnerability was found in OpenKM up to 6.3.11 and classified as problematic. Affected by this issue is the function getFileExtension of the file src/main/java/com/openkm/util/FileUtils.java. The manipulation leads to insecure temporary file. Upgrading to version 6.3.12 is able to address this...
PT-2024-9413
Name of the Vulnerable Software and Affected Versions: curl versions 6.5 through 8.11.0 Description: The issue arises when curl is used with a .netrc file for credentials and follows HTTP redirects. Under certain circumstances, curl could leak the password used for the first host to the followed-...
CVE-2018-25075 karsany OBridge ProcedureDao.java getAllStandaloneProcedureAndFunction sql injection
A vulnerability classified as critical has been found in karsany OBridge up to 1.3. Affected is the function getAllStandaloneProcedureAndFunction of the file obridge-main/src/main/java/org/obridge/dao/ProcedureDao.java. The manipulation leads to sql injection. The complexity of an attack is rathe...
Debian DLA-1378-1 : tiff3 security update
A heap-based buffer overflow was discovered in the LZWDecodeCompat function in tiflzw.c LibTIFF 4.0.9 and earlier. This vulnerability might be leveraged by remote attackers to crash the client via a crafted TIFF LZW file. For Debian 7 'Wheezy', these problems have been fixed in version...
VideoLAN VLC Media Player SMB Module Win32AddConnection Buffer Overflow
Added: 09/11/2009 CVE: CVE-2009-2484 BID: 35500 OSVDB: 55509 Background VLC media player is a media player supporting various audio and video formats for multiple platforms. Problem A stack-based buffer overflow vulnerability in the Win32AddConnection function may allow a remote attacker to execu...
[SECURITY] [DSA 577-1] New postgresql packages fix symlink vulnerability
-------------------------------------------------------------------------- Debian Security Advisory DSA 577-1 [email protected] http://www.debian.org/security/ Martin Schulze October 29th, 2004 http://www.debian.org/security/faq -...
[SECURITY] [DSA 264-1] New lxr packages fix information disclosure
-------------------------------------------------------------------------- Debian Security Advisory DSA 264-1 [email protected] http://www.debian.org/security/ Martin Schulze March 19th, 2003 http://www.debian.org/security/faq -...