5 matches found
CVE-2026-54421
In OpenStack Ironic before 37.0.1, when applying a PATCH to update fields in volume properties the user is authorized for, Ironic can return unredacted sensitive information such as iSCSI credentials. The PATCH outcome is a security issue; the POST outcome is not a security issue...
EUVD-2017-11172
Malware in sbrugna...
EUVD-2022-52053
Malicious code in bioql PyPI...
Microsoft Publisher 2007 Pubconv.dll内存破坏漏洞
CVE ID: CVE-2011-1508 Microsoft Publisher是微软公司发行的桌面出版应用软件。 Publisher 2007中存在输入验证错误,可被远程攻击者利用通过诱使用户在文档中插入特制的.pub文件执行任意代码。 通过修改.pub文件,可使pubconv.dll库复制很多文件内容到栈中,从而覆盖稍后执行的函数指针。 Microsoft Publisher 2007 12.0.6546.5000 厂商补丁: Microsoft --------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
YoungZSoft CMailServer overflow, PATCH + WAREZ!@#!
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CMailServer 3.30 uses sprintf without any previous bounds checking while testing for the presence of the passed USER argument's home directory within 'mail'.. sprintfsmails, CMail path ptr, USER arg ptr you know how the story goes, we can overwrite so...