111 matches found
WWBN AVideo import.json.php temporary copy unrestricted php file upload vulnerability
Talos Vulnerability Report TALOS-2023-1885 WWBN AVideo import.json.php temporary copy unrestricted php file upload vulnerability January 10, 2024 CVE Number CVE-2023-49715 SUMMARY An unrestricted php file upload vulnerability exists in the import.json.php temporary copy functionality of WWBN AVide...
Exploit for CVE-2023-50685
Hipcam RealServer/V1.0 RTSP Format Validation Vulnerability Pr...
UBUNTU-CVE-2023-29499
A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service...
SUSE CVE-2023-29499
A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service...
PT-2023-19371
Name of the Vulnerable Software and Affected Versions Samsung Exynos Modem 5123 Samsung Exynos Modem 5300 Samsung Exynos 980 Samsung Exynos 1080 Samsung Exynos Auto T512 Description The Samsung Exynos Modem chipsets do not properly check format types specified by the Session Description Protocol...
MGASA-2023-0059 Updated sox packages fix security vulnerability
CVE-2019-13590: sox-fmt validation CVE-2021-3643 and CVE-2021-23210: voc validation CVE-2021-23159 and CVE-2021-23172: hcom validation CVE-2021-33844: wav validation CVE-2021-40426: sphere validation CVE-2022-31650: aiff validation CVE-2022-31651: reject implausible rate...
SUSE CVE-2020-26267
In affected versions of TensorFlow the tf.raw_ops.DataFormatVecPermute API does not validate the src_format and dst_format attributes. The code assumes that these two arguments define a permutation of NHWC. This can result in uninitialized memory accesses, read outside of bounds and even crashes. Th...
[SECURITY] [DLA 3315-1] sox security update
Debian LTS Advisory DLA-3315-1 [email protected] https://www.debian.org/lts/security/ Helmut Grohne February 10, 2023 https://wiki.debian.org/LTS Package : sox Version : 14.4.2+git20190427-1+deb10u1 CVE ID : CVE-2019-13590 CVE-2021-3643 CVE-2021-23159 CVE-2021-23172 CVE-2021-23210...
CVE-2021-40017
The HWKEYMASTER module lacks the validity check of the key format. Successful exploitation of this vulnerability may result in out-of-bounds memory access...
Out-of-bounds
The HWKEYMASTER module lacks the validity check of the key format. Successful exploitation of this vulnerability may result in out-of-bounds memory access...
Mageia: Security Advisory (MGASA-2019-0241)
The remote host is missing an update for the...
CVE-2021-33698
SAP Business One, version - 10.0, allows an attacker with business authorization to upload any files including script files without the proper file format validation...
Authorization
SAP Business One, version - 10.0, allows an attacker with business authorization to upload any files including script files without the proper file format validation...
WordPress code issue vulnerability
WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A code issue vulnerability exists in the WordPress plugin Backup and Migrate Plugin Backup Guard...
NewStart CGSL MAIN 6.02 : cryptsetup Vulnerability (NS-SA-2021-0087)
The remote NewStart CGSL host, running version MAIN 6.02, has cryptsetup packages installed that are affected by a vulnerability: - A vulnerability was found in upstream release cryptsetup-2.2.0 where, there's a bug in LUKS2 format validation code, that is effectively invoked on every device/ima...
CentOS 8 : java-11-openjdk (CESA-2019:1817)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:1817 advisory. - OpenJDK: Side-channel attack risks in Elliptic Curve (EC) cryptography (Security, 8208698) (CVE-2019-2745) - OpenJDK: Insufficient checks of suppressed...
Virtuozzo 7 : java-1.8.0-openjdk / etc (VZLSA-2019-1815)
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
PYSEC-2020-298
In affected versions of TensorFlow the tf.raw_ops.DataFormatVecPermute API does not validate the src_format and dst_format attributes. The code assumes that these two arguments define a permutation of NHWC. This can result in uninitialized memory accesses, read outside of bounds and even crashes. Th...
PYSEC-2020-333
In affected versions of TensorFlow the tf.raw_ops.DataFormatVecPermute API does not validate the src_format and dst_format attributes. The code assumes that these two arguments define a permutation of NHWC. This can result in uninitialized memory accesses, read outside of bounds and even crashes. Th...