6706 matches found
Information Disclosure
parse-server is vulnerable to information disclosure. A remote attacker is able to enumerate existing accounts by analyzing the error messages from server responses...
Denial Of Service (DoS)
parse-server is vulnerable to denial of service DoS. The attack exists when a post request is made against a volatile class such as /parse/classes/Audience, returning 500 an internal server error for subsequent POST requests...
CVE-2019-1020013
parse-server before 3.6.0 allows account enumeration...
CVE-2019-1020013
parse-server before 3.6.0 allows account enumeration...
CVE-2019-1020012
parse-server before 3.4.1 allows DoS after any POST to a volatile class...
CVE-2019-1020012
parse-server before 3.4.1 allows DoS after any POST to a volatile class...
Design/Logic Flaw
parse-server before 3.6.0 allows account enumeration...
Design/Logic Flaw
parse-server before 3.4.1 allows DoS after any POST to a volatile class...
CVE-2019-1020013
parse-server before 3.6.0 allows account enumeration...
CVE-2019-1020013
CVE-2019-1020013 affects parse-server prior to 3.6.0, allowing unauthenticated users to enumerate existing accounts via error messages. The root cause is information disclosure during authentication/account linking flow, where specific errors reveal account existence (ParseError.ACCOUNT_ALREADY_L...
CVE-2019-1020012
CVE-2019-1020012 affects parse-server prior to 3.4.1 and enables a Denial of Service after POSTing to a volatile class (e.g., /parse/classes/_Audience). Several sources confirm the vulnerability and patch: the public advisory notes that subsequent POST requests can yield a 500 Internal Server Err...
CVE-2019-1020012
parse-server before 3.4.1 allows DoS after any POST to a volatile class...
Xpdf out-of-bounds read vulnerability (CNVD-2019-26662)
Xpdf is a free PDF viewer and toolkit that includes a text extractor, image converter, HTML converter and more. An out-of-bounds read vulnerability exists in the GfxPatchMeshShading::parse function in GfxState.cc in Xpdf 4.01.01. An attacker can exploit this vulnerability to cause a denial of...
Uncompyle6 - A Cross-Version Python Bytecode Decompiler
A native Python cross-version decompiler and fragment decompiler. The successor to decompyle, uncompyle, and uncompyle2. Introduction uncompyle6 translates Python bytecode back into equivalent Python source code. It accepts bytecodes from Python version 1.3 to version 3.8, spanning over 24 years ...
CVE-2019-14293
An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 2...
CVE-2019-14290
An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA==6 case 2...
CVE-2019-14292
An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 1...
CVE-2019-14291
An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA==6 case 3...
Out-of-bounds
An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 2...
CVE-2019-14293
An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 2...