106 matches found
compare-eslint-config (>=0.1.0 <=0.1.1) potentially affected by CVE-2020-7629 via install-package (=0.1.0)
install-package NPM version =0.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on install-package and may be impacted: - compare-eslint-config =0.1.0, =0.1.1 Source cves: CVE-2020-7629 Source advisory: SNYK:JS-INSTALLPACKAGE-564267...
Umbraco Code Issue Vulnerability
Umbraco is a Danish company Umbraco C written in open source content management system CMS. A security vulnerability exists in Umbraco CMS version 8.5.3. The vulnerability can be exploited by an attacker to upload files and execute code via the Install Package feature...
Umbraco Cloud Code Issue Vulnerability
Umbraco is a Danish company Umbraco a set of C written in open source content management system CMS.Umbraco Cloud is the cloud version of Umbraco. A security vulnerability exists in Umbraco Cloud version 8.5.3. The vulnerability can be exploited by an attacker to upload files and execute code wit...
CVE-2020-9472
Umbraco CMS 8.5.3 allows an authenticated file upload and consequently Remote Code Execution via the Install Package functionality...
CVE-2020-9472
Umbraco CMS 8.5.3 allows an authenticated file upload and consequently Remote Code Execution via the Install Package functionality...
Design/Logic Flaw
Umbraco CMS 8.5.3 allows an authenticated file upload and consequently Remote Code Execution via the Install Package functionality...
CVE-2020-9472
CVE-2020-9472 affects Umbraco CMS 8.5.3. The authenticated user can upload files via the Install Package functionality, which can lead to Remote Code Execution. The vulnerability is evidenced by the CVE description and corroborated across multiple sources in the connected documents (e.g., GHSA/OS...
CVE-2020-9472
Umbraco CMS 8.5.3 allows an authenticated file upload and consequently Remote Code Execution via the Install Package functionality...
Google Android elevation of privilege vulnerability (CNVD-2019-01567)
Android is a free and open source Linux-based operating system led and developed by Google Inc. and the Open Handset Alliance. An arbitrary memory release vulnerability exists in the reallyinstallpackage of install.cpp in Google Android 7.0, 7.1.1, and 7.1.2. A local attacker can exploit this...
CVE-2018-9557
In reallyinstallpackage of install.cpp, there is a possible free of arbitrary memory due to uninitialized data. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0...
IBM AIX JRE/SDK installp and updatep package denial of service vulnerability
IBM AIX Advanced Interactive eXecutive is a UNIX operating system developed by IBM in the U.S. JRE/SDK installp and updatep packages are among the packages.JRE/SDK install packages are a JRE/SDK installation package; updatep packages are JRE/SDK update packages. JRE/SDK installp packages is a...
Fedora Update for borgbackup FEDORA-2016-20014bf2bd
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Design/Logic Flaw
Untrusted search path vulnerability in the client in Symantec Endpoint Protection SEP 12.1 before 12.1-RU6-MP3 allows local users to gain privileges via a Trojan horse DLL in a client install package. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1492...
Fedora Update for pcre FEDORA-2015-14242
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Design/Logic Flaw
Untrusted search path vulnerability in the client in Symantec Endpoint Protection 12.1 before 12.1-RU6-MP1 allows local users to gain privileges via a Trojan horse DLL in a client install package...
Fedora Update for firefox FEDORA-2015-8806
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RedHat Update for kernel RHSA-2014:0285-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for dcraw FEDORA-2013-22929
Check for the Version of dcraw OpenVAS Vulnerability Test Fedora Update for dcraw FEDORA-2013-22929 Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...
Fedora Update for kmouth FEDORA-2013-13499
Check for the Version of kmouth OpenVAS Vulnerability Test Fedora Update for kmouth FEDORA-2013-13499 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
Fedora Update for kde-workspace FEDORA-2013-10182
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...