
1409 matches found

seebug.org
added 2018/01/10 12:0 a.m., 48 views

DedeCMS (织梦) front-end arbitrary user password modification

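Common weak-typing problems. Type conversion problems: type conversion is unavoidable. For example, GET or POST parameters need to be converted to int, or two variables do not match in type, and PHP converts the variables automatically. But PHP is a weakly typed language, so many unexpected problems can arise during type conversion. Mathematical operations: when PHP performs some mathematical calculations, because md5('s878926199a')=0e545993274517709034328855841020 is just 0 to the power of n, it still equals 0. But note: "0e123456abc"=="0e1dddada" //false, this one returns false. Loose comparison in conditional statements. Loose comparison in functions...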

7.1 AI score
Exploits 0
ATTACKERKB
added 2017/12/27 5:8 p.m., 4 views

CVE-2017-17845

An issue was discovered in Enigmail before 1.9.9. Improper Random Secret Generation occurs because Math.Random is used by pretty Easy privacy pEp, aka TBE-01-001...

7.5 CVSS, 5.5 AI score, 0.01608 EPSS
Exploits 0, References 7
GithubExploit
added 2017/12/12 12:17 p.m., 3 views

base64Captcha

A flexible and various captcha package !Testhttps://github...

5.7 AI score
Exploits 0
Fedora
added 2017/11/15 5:58 p.m., 33 views

[SECURITY] Fedora 27 Update: liblouis-2.6.2-12.fc27

Liblouis is an open-source braille translator and back-translator named in honor of Louis Braille. It features support for computer and literary braille, supports contracted and uncontracted translation for many languages and has support for hyphenation. New languages can easily be added through...

8.8 CVSS, 0.3 AI score, 0.02189 EPSS
Exploits 0
NVD
added 2017/10/27 5:29 a.m., 18 views

CVE-2017-5113

Math overflow in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8 CVSS, 8.8 AI score, 0.01302 EPSS
Exploits 0, References 7
UbuntuCve
added 2017/10/27 5:29 a.m., 20 views

CVE-2017-5113

Math overflow in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8 CVSS, 7.3 AI score, 0.01302 EPSS
Exploits 0, References 2
Prion
added 2017/10/27 5:29 a.m., 20 views

Design/Logic Flaw

Math overflow in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

6.8 CVSS, 8.6 AI score, 0.01302 EPSS
Exploits 0, References 7, Affected Software 5
CVE
added 2017/10/27 5:0 a.m., 94 views

CVE-2017-5113

CVE-2017-5113 describes a buffer overflow in the Skia component of Chromium/Chrome that could allow a remote attacker to execute arbitrary code via a crafted HTML page. Affected products include Chromium/Chrome before version 61.0.3163.79 (Chrome desktop/mac/win/linux) and 61.0.3163.81 (Android),...

8.8 CVSS, 8.6 AI score, 0.01302 EPSS
Exploits 0, References 7, Affected Software 1
Cvelist
added 2017/10/27 5:0 a.m., 27 views

CVE-2017-5113

Math overflow in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.7 AI score, 0.01302 EPSS
Exploits 0, References 7
Fedora
added 2017/10/25 11:16 p.m., 36 views

[SECURITY] Fedora 26 Update: glibc-2.25-12.fc26

The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important se...

7.5 CVSS, 2 AI score, 0.0627 EPSS
Exploits 0
seebug.org
added 2017/10/20 12:0 a.m., 54 views

Adobe Flash Player Infinite Recursion Arbitrary Read Access Violation(CVE-2016-4132)

SUMMARY A potentially exploitable read access violation vulnerability exists in the way Adobe Flash Player handles infinitely recursive calls. A specially crafted ActionScript code can cause a read access violation which can potentially be further abused. To trigger this vulnerability user...

9.3 CVSS, 9.1 AI score, 0.03977 EPSS
Exploits 1
OSV
added 2017/09/25 9:35 p.m., 12 views

OPENSUSE-SU-2017:2568-1 Recommended update for openjpeg

This update for openjpeg fixes the following vulnerability: CVE-2016-7445: Null pointer dereference in convert.c could lead to crash bsc999817 The following bug was also fixed: - Programs linked with libopenjpeg1 would expose non-standard math behavior due to usage of -ffast-math in openjpeg...

7.5 CVSS, 8.5 AI score, 0.04191 EPSS
Exploits 1, References 4
RedHat Linux
added 2017/09/12 3:41 a.m., 5 views

chromium-browser: heap buffer overflow in skia

Math overflow in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8 CVSS, 7.5 AI score, 0.01302 EPSS
Exploits 0, References 5
RedhatCVE
added 2017/09/06 8:22 a.m., 26 views

CVE-2017-5113

Math overflow in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8 CVSS, 3.5 AI score, 0.01302 EPSS
Exploits 0, References 2
CNVD
added 2017/08/30 12:0 a.m., 4 views

JasPer Denial of Service Vulnerability (CNVD-2017-25691)

JasPer is an open source project that aims to provide a free software-based reference implementation of the codecs specified in the JPEG-2000 Part-1 standard. A denial of service vulnerability exists in the jpcfloorlog2 function in jpc/jpcmath.c in JasPer, which can be exploited by a remote...

7.5 CVSS, 6 AI score, 0.03592 EPSS
Exploits 1, References 1
Cent OS
added 2017/08/24 1:37 a.m., 229 views

glibc, nscd security update

CentOS Errata and Security Advisory CESA-2017:1916 An update for glibc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

9.8 CVSS, 7.3 AI score, 0.05966 EPSS
Exploits 3, References 7
OpenVAS
added 2017/08/04 12:0 a.m., 46 views

RedHat Update for glibc RHSA-2017:1916-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8 CVSS, 8.2 AI score, 0.05966 EPSS
Exploits 3, References 2
Fedora
added 2017/06/24 8:51 p.m., 41 views

[SECURITY] Fedora 24 Update: glibc-2.23.1-12.fc24

The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important se...

7.8 CVSS, 2 AI score, 0.02733 EPSS
Exploits 14
Fedora
added 2017/06/23 1:59 a.m., 39 views

[SECURITY] Fedora 25 Update: glibc-2.24-8.fc25

The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important se...

7.8 CVSS, 2 AI score, 0.02733 EPSS
Exploits 14
Cent OS
added 2017/06/20 10:48 a.m., 99 views

glibc, nscd security update

CentOS Errata and Security Advisory CESA-2017:1481 An update for glibc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

7.8 CVSS, 6.9 AI score, 0.02733 EPSS
Exploits 14, References 7