139 matches found
AZL-6838 CVE-2021-38593 affecting package qt5-qtsvg for versions less than 5.12.11-3
Qt 5.x before 5.15.6 and 6.x through 6.1.2 has an out-of-bounds write in QOutlineMapper::convertPath called from QRasterPaintEngine::fill and QPaintEngineEx::stroke...
OpenJDK: Missing permission check in path to URI conversion (Libraries, 8242680)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...
RHEL 8 : java-1.8.0-ibm (RHSA-2021:0530)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0530 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...
OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...
OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...
OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...
OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...
OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...
Moderate: Red Hat Security Advisory: java-1.8.0-openjdk security update
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Authorization Bypass
OpenJDK is vulnerable to authorization bypass. The vulnerability exists through incomplete check for invalid characters in URI to path conversion...
OpenJDK: Missing permission check in path to URI conversion (Libraries, 8242680)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...
OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...
OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...
Microsoft Windows - Path Conversion Weakness
No description provided by source. source: http://www.securityfocus.com/bid/17934/info Microsoft Windows is susceptible to a path-conversion weakness that may allow attackers to bypass security applications. This issue occurs because the operating system uses multiple differing algorithms to...
CVE-2006-2334
The RtlDosPathNameToNtPathNameU API function in NTDLL.DLL in Microsoft Windows 2000 SP4 and XP SP2 does not properly convert DOS style paths with trailing spaces into NT style paths, which allows context-dependent attackers to create files that cannot be accessed through the expected DOS path or...
Microsoft Windows - Path Conversion
Microsoft Windows - Path Conversion source: https://www.securityfocus.com/bid/17934/info Microsoft Windows is susceptible to a path-conversion weakness that may allow attackers to bypass security applications. This issue occurs because the operating system uses multiple differing algorithms to...
Microsoft Windows - Path Conversion
source: https://www.securityfocus.com/bid/17934/info Microsoft Windows is susceptible to a path-conversion weakness that may allow attackers to bypass security applications. This issue occurs because the operating system uses multiple differing algorithms to resolve file paths. Attackers may...
Microsoft Internet Explorer - Object Tag (MS03-020)
!/usr/bin/perl Proof of concept exploit on IE 5.x - 6.x by Alumni IE-Object longtype dynamic call oferflow url:// the flaw actually exists in URLMON.DLL when converting backslashes to wide char, this can be seen on stack dump near '&CLSID=AAA...2F2F...'. To exploit: i start server perl script; ii...
Microsoft IIS WebDav buffer overflow
Buffer overflow in path conversion routine...