CVE-2014-9470

Cross-site scripting XSS vulnerability in the loadForm function in Frontend/Modules/Search/Actions/Index.php in Fork CMS before 3.8.4 allows remote attackers to inject arbitrary web script or HTML via the qwidget parameter to en/search...

UBUNTU-CVE-2011-4115

Parallel::ForkManager module before 1.0.0 for Perl does not properly handle temporary files...

[SECURITY] Fedora 31 Update: python-pillow-6.2.2-1.fc31

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt , devel developme...

Huawei EulerOS: Security Advisory for polkit (EulerOS-SA-2019-1070)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED12 / SLES12 Security Update : openssl-1_1 (SUSE-SU-2020:0099-1)

This update for openssl-11 fixes the following issues : Security issue fixed : CVE-2019-1551: Fixed an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli bsc1158809. CVE-2019-1563: Fixed bleichenbacher attack against cms/pkcs7 encryptioon transporte...

EulerOS Virtualization for ARM 64 3.0.5.0 : openssl (EulerOS-SA-2020-1063)

According to the versions of the openssl packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In situations where an attacker receives automated notification of the success or failure of a decryption attempt an...

Security Bulletin: Multiple vulnerabilities identified in OpenSSL affect Rational Build Forge (CVE-2019-1547, CVE-2019-1549, CVE-2019-1552, and CVE-2019-1563)

Summary OpenSSL has security vulnerability that allows a remote attacker to exploit the application. Respective security vulnerability details are discussed in the subsequent section. Vulnerability Details This section includes the vulnerability details that affects the Rational Build Forge. CVEI...

Validation Bypass

Overview Versions of slp-validate prior to 1.0.1 are vulnerable to a validation bypass. Bitcoin scripts may cause the validation result from slp-validate to differ from the specified SLP consensus. This allows an attacker to create a Bitcoin script that causes a hard-fork from the SLP consensus...

Authorization Bypass

slpjs is vulnerable to authorization bypass. An attacker is able to create a malicious Bitcoin script to cause a hard-fork from the SLP concensus due to difference between the specified SLP concensus and the validation result of the slpjs npm package which causes a discrepancy in the simple ledge...

CVE-2019-16762

A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the slpjs npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-fork from the SLP consensus. Affected users can upgrade to...

CVE-2019-16762

A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the slpjs npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-fork from the SLP consensus. Affected users can upgrade to...

Design/Logic Flaw

A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the slpjs npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-fork from the SLP consensus. Affected users can upgrade to...

Design/Logic Flaw

A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the email protected npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-fork from the SLP consensus. All versions 1.0.0...

CVE-2019-16762 Validator parsing discrepancy due to string encoding in NPM slpjs

A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the slpjs npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-fork from the SLP consensus. Affected users can upgrade to...

GHSA-425C-CCF3-3JRR Critical severity vulnerability that affects slpjs

Validator parsing discrepancy due to string encoding Impact A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the slpjs npm package. An attacker could create a specially crafted Bitcoin script in order to cause a...

Critical severity vulnerability that affects slpjs

Validator parsing discrepancy due to string encoding Impact A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the slpjs npm package. An attacker could create a specially crafted Bitcoin script in order to cause a...

Validation Bypass in slp-validate

Versions of slp-validate prior to 1.0.1 are vulnerable to a validation bypass. Bitcoin scripts may cause the validation result from slp-validate to differ from the specified SLP consensus. This allows an attacker to create a Bitcoin script that causes a hard-fork from the SLP consensus...

GHSA-WMX6-VXCF-C3GR Validation Bypass in slp-validate

Versions of slp-validate prior to 1.0.1 are vulnerable to a validation bypass. Bitcoin scripts may cause the validation result from slp-validate to differ from the specified SLP consensus. This allows an attacker to create a Bitcoin script that causes a hard-fork from the SLP consensus...

CVE-2019-16761

CVE-2019-16761 affects the slp-validate npm package used for Simple Ledger Protocol validation. A specially crafted Bitcoin script can cause the validator’s result to diverge from the SLP consensus rules, enabling an attacker to trigger a hard fork. This impacts slp-validate versions prior to 1.0...

CVE-2019-16761 Validator parsing discrepancy due to string encoding in NPM slp-validate 1.0.0

A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the [email protected] npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-fork from the SLP consensus. All versions 1.0....