Google Android Titan-M Component Input Validation Error Vulnerability

Android is a Linux-based open source operating system from Google and the Open Handheld Alliance OHA in the U.S. Titan-M is one of the security components. A security vulnerability exists in the Titan-M component of Google Android. An attacker can exploit the vulnerability to elevate privileges...

Mutt and NeoMutt Injection Vulnerabilities

Mutt is a text-based mail client for Unix-like systems by Michael Elkins Software Developers.NeoMutt is a command-line mail reader. An injection vulnerability exists in Mutt versions prior to 1.14.4 and NeoMutt versions prior to 2020-06-19. The vulnerability stems from a lack of proper validation...

PHP 7.4.x < 7.4.2 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is prior to 7.2.27, 7.3.x prior to 7.3.14, or 7.4.x prior to 7.4.2. It is, therefore, affected by multiple vulnerabilities: - A buffer overflow exists in mbflfiltconvbig5wchar due to an input validation error...

SUSE SLED12 / SLES12 Security Update : libpng16 (SUSE-SU-2019:3060-1)

This update for libpng16 fixes the following issues : Security issues fixed : CVE-2019-7317: Fixed a use-after-free vulnerability, triggered when pngimagefree was called under pngsafeexecute bsc1124211. CVE-2017-12652: Fixed an Input Validation Error related to the length of chunks bsc1141493. No...

Ratpack Input Validation Error Vulnerability

Ratpack is a Java library for building scalable HTTP applications. An input validation error vulnerability exists in Ratpack versions prior to 1.7.5, which can be exploited to conduct http response splitting attacks by constructing HTTP headers with untrusted data...

CVE-2019-12347

In pfSense 2.4.4-p3, a stored XSS vulnerability occurs when attackers inject a payload into the Name or Description field via an acmeaccountkeysedit.php action. The vulnerability occurs due to input validation errors...

Apple Safari < 12.0.3 Multiple Vulnerabilities

Binary data 700508.prm...

GLSA-201903-02 : Zsh: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201903-02 Zsh: User-assisted execution of arbitrary code Two input validation errors have been discovered in how Zsh parses scripts: Parsing a malformed shebang line could cause Zsh to call a program listed in the second line...

Starbucks: Backup Source Code Detected

Impact Depending on the nature of the source code disclosed, an attacker can mount one or more of the following types of attacks:•Access the database or other data resources. With the privileges of the account obtained, attempt to read, update or delete arbitrary data from the database. •Access...

Adobe ColdFusion Multiple Vulnerabilities (APSB18-14)

Adobe ColdFusion is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:coldfusion";...

Geovision Inc. IP Camera Multiple Vulnerabilities

Geovision Inc. IP Camera is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Parallels Plesk Sitebuilder Multiple Vulnerabilities

Parallels Plesk Sitebuilder is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

phpMyAdmin Multiple Vulnerabilities (PMASA-2016-24, PMASA-2016-26, PMASA-2016-27, PMASA-2016-28) - Linux

phpMyAdmin is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phpmyadmin:phpmyadmin";...

phpMyAdmin Multiple XSS Vulnerabilities (PMASA-2016-12) - Windows

phpMyAdmin is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

pfSense Multiple Vulnerabilities (Jun 2016)

pfSense is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:pfsense:pfsense"; if description...

VMware Workstation/Player/Fusion Custom RPC Command Denial of Service Vulnerability

VMware is a vendor of desktop to datacenter virtualization solutions. A security vulnerability exists in VMware Workstation/Player/Fusion that allows a remote attacker on Guest to send specially crafted RPC commands to trigger input validation errors and conduct denial of service attacks...

NPDS 4.8 /5.0 reply.php image_subject Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks. This may...

NPDS 4.8 /5.0 admin.php language Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks. This may...

NPDS 4.8 /5.0 links.php Query Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks. This may...

PHPWCMS 1.4.5 r398 Cross Site Request Forgery Vulnerability

No description provided by source. ?php / Exploit Title: PHPWCMS Cross-Site Request Forgery Vulnerability Date: 06/16/2010 Author: Jeremiah Talamantes Software Link: http://phpwcms.googlecode.com/files/phpwcmsr398.zip Version: 1.4.5 r398 Tested on: WinXP SP2 EN on WAMP 2.0 CVE: N/A Jeremiah...