XSS Vulnerability in Baoding OA Email Function

Baoding OA system is an office system for enterprises. An XSS vulnerability exists in the email function of Baoding OA. An attacker can exploit this vulnerability to gain administrator privileges, steal data, etc...

openSUSE Security Update : libxslt (openSUSE-2017-609)

This update for libxslt fixes the following security issues : - CVE-2017-5029: The xsltAddTextString function in transform.c lacked a check for integer overflow during a size calculation, which allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page bsc1035905. ...

CVE-2017-9182

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service use-after-free and invalid heap read, related to the GETCOLOR function in color.c:16:11...

CVE-2017-9211

The cryptoskcipherinittfm function in crypto/skcipher.c in the Linux kernel through 4.11.2 relies on a setkey function that lacks a key-size check, which allows local users to cause a denial of service NULL pointer dereference via a crafted application...

CVE-2017-9076

CVE-2017-9076 is a Linux kernel issue reported in the CentOS/Red Hat advisory set (CESA-2018:1854) tied to the IPv6 DCCP implementation. The vulnerability arises from mishandling of inheritance in the IPv6 DCCP code, allowing a local attacker to cause a denial of service or possibly other unspeci...

Null pointer dereference

The joinpthread function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted archive...

Remote Code Execution (RCE)

nameless-cli is vulnerable to remote code execution RCE. A malicious user can inject and execute arbitrary code due to the lack of sanitization of user input before executing the eval function...

Linux kernel 'sg_ioctl' function denial of service vulnerability

Linux kernel is an open source operating system. A security vulnerability exists in the 'sgioctl' function in the drivers/scsi/sg.c file of Linux kernel. A local attacker can exploit this vulnerability to conduct a denial of service attack and crash the system...

The vulnerability of the library that handles system calls and core functions of glibc allows a attacker to cause a service failure or increase their privileges.

The vulnerability of the encodename function in the library that handles system calls and core glibc functions exists due to errors in processing new line characters in directory path names when using ncpmount and mount.cifs. Exploiting this vulnerability can allow an attacker to cause service...

DEBIAN-CVE-2016-10165

The TypeMLURead function in cmstypes.c in Little CMS aka lcms2 allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read...

MGASA-2017-0031 Updated python-bottle packages fix security vulnerability

redirect in bottle.py in bottle 0.12.10 doesn't filter a "\r\n" sequence, which leads to a CRLF attack, as demonstrated by a redirect"233\r\nSet-Cookie: name=salt" call. CVE-2016-9964...

OpenSSL 'MDC2_Update' Function Integer Overflow Vulnerability

OpenSSL is an open source capable of implementing the Secure Sockets Layer SSL v2/v3 and Secure Transport Layer TLS v1 protocols developed by the OpenSSL team as a general-purpose cryptographic library that supports a wide range of cryptographic algorithms including symmetric ciphers, hash...

CVE-2016-5093

The geticuvalueinternal function in ext/intl/locale/localemethods.c in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7 does not ensure the presence of a '\0' character, which allows remote attackers to cause a denial of service out-of-bounds read or possibly have unspecified other...

Design/Logic Flaw

The nextBytes function in the SecureRandom class in Symfony before 2.3.37, 2.6.x before 2.6.13, and 2.7.x before 2.7.9 does not properly generate random numbers when used with PHP 5.x without the paragonie/randomcompat library and the opensslrandompseudobytes function fails, which makes it easier...

Amazon Linux: Security Advisory (ALAS-2016-640)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux AMI : php56 / php55 (ALAS-2016-640)

The imagerotate function lacked validation of the background color variable, an integer which represents an index of the color palette. A number larger than the length of the color palette could be used in the function, reading beyond the memory of the color palette and causing an information lea...

FFmpeg 'ff_ivi_init_planes'函数整数溢出漏洞

No description provided by source...

The vulnerabilities of PDF editing programs like Adobe Acrobat and Adobe Acrobat Document Cloud, as well as PDF viewing programs like Adobe Reader and Adobe Reader Document Cloud, allow attackers to circumvent JavaScript restrictions.

The vulnerability of the CBBBRInit method in PDF editing programs from Adobe Acrobat and Adobe Acrobat Document Cloud, as well as in PDF viewing programs from Adobe Reader and Adobe Reader Document Cloud, is related to deficiencies in access control for certain functions. Exploiting this...

CVE-2015-6759

The shouldTreatAsUniqueOrigin function in platform/weborigin/SecurityOrigin.cpp in Blink, as used in Google Chrome before 46.0.2490.71, does not ensure that the origin of a LocalStorage resource is considered unique, which allows remote attackers to obtain sensitive information via vectors...

0101SHOP CMS 商城模板存在SQL注入漏洞

CMS在处理浏览器提交的数据时使用filterPara函数过滤，这个函数接着调用了PreventSqlin和Checkxss两个函数进行字符过滤，PreventSqlin用来过滤SQL注入语句，而Checkxss是用来过滤跨站输入。 关键就是在PreventSqlin函数 /inc/AspCmsCommonFun.asp 函数内容如下： Function preventSqlincontent dim sqlStr,sqlArray,i,speStr...