Lucene search
K

139 matches found

OSV
OSV
added 2021/08/12 2:15 a.m.6 views

AZL-6838 CVE-2021-38593 affecting package qt5-qtsvg for versions less than 5.12.11-3

Qt 5.x before 5.15.6 and 6.x through 6.1.2 has an out-of-bounds write in QOutlineMapper::convertPath called from QRasterPaintEngine::fill and QPaintEngineEx::stroke...

7.5CVSS6.7AI score0.0306EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2021/02/16 7:39 a.m.4 views

OpenJDK: Missing permission check in path to URI conversion (Libraries, 8242680)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...

3.1CVSS7.3AI score0.02463EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/02/16 12:0 a.m.45 views

RHEL 8 : java-1.8.0-ibm (RHSA-2021:0530)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0530 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...

4.3CVSS6.8AI score0.03713EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2020/12/16 3:21 p.m.3 views

OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...

4.3CVSS7.3AI score0.0217EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/10/27 12:52 a.m.5 views

OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...

4.3CVSS7.3AI score0.0217EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/10/26 9:12 p.m.5 views

OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...

4.3CVSS7.3AI score0.0217EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/10/26 8:32 p.m.3 views

OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...

4.3CVSS7.3AI score0.0217EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/10/26 8:2 p.m.4 views

OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...

4.3CVSS7.3AI score0.0217EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/10/26 8:2 p.m.92 views

Moderate: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

5.8CVSS6.4AI score0.03713EPSS
Exploits0References8
Veracode
Veracode
added 2020/10/23 8:58 a.m.48 views

Authorization Bypass

OpenJDK is vulnerable to authorization bypass. The vulnerability exists through incomplete check for invalid characters in URI to path conversion...

3.7CVSS4.4AI score0.0217EPSS
Exploits0References8Affected Software5
RedHat Linux
RedHat Linux
added 2020/10/22 7:41 p.m.5 views

OpenJDK: Missing permission check in path to URI conversion (Libraries, 8242680)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...

3.1CVSS7.4AI score0.02463EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/10/22 7:41 p.m.4 views

OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...

4.3CVSS7.3AI score0.0217EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/10/22 11:10 a.m.4 views

OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...

4.3CVSS7.3AI score0.0217EPSS
Exploits0References4
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

Microsoft Windows - Path Conversion Weakness

No description provided by source. source: http://www.securityfocus.com/bid/17934/info Microsoft Windows is susceptible to a path-conversion weakness that may allow attackers to bypass security applications. This issue occurs because the operating system uses multiple differing algorithms to...

7.1AI score
Exploits0
NVD
NVD
added 2006/05/12 12:2 a.m.30 views

CVE-2006-2334

The RtlDosPathNameToNtPathNameU API function in NTDLL.DLL in Microsoft Windows 2000 SP4 and XP SP2 does not properly convert DOS style paths with trailing spaces into NT style paths, which allows context-dependent attackers to create files that cannot be accessed through the expected DOS path or...

2.1CVSS6.4AI score0.04361EPSS
Exploits1References5
exploitpack
exploitpack
added 2006/05/10 12:0 a.m.15 views

Microsoft Windows - Path Conversion

Microsoft Windows - Path Conversion source: https://www.securityfocus.com/bid/17934/info Microsoft Windows is susceptible to a path-conversion weakness that may allow attackers to bypass security applications. This issue occurs because the operating system uses multiple differing algorithms to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2006/05/10 12:0 a.m.31 views

Microsoft Windows - Path Conversion

source: https://www.securityfocus.com/bid/17934/info Microsoft Windows is susceptible to a path-conversion weakness that may allow attackers to bypass security applications. This issue occurs because the operating system uses multiple differing algorithms to resolve file paths. Attackers may...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2003/06/07 12:0 a.m.59 views

Microsoft Internet Explorer - Object Tag (MS03-020)

!/usr/bin/perl Proof of concept exploit on IE 5.x - 6.x by Alumni IE-Object longtype dynamic call oferflow url:// the flaw actually exists in URLMON.DLL when converting backslashes to wide char, this can be seen on stack dump near '&CLSID=AAA...2F2F...'. To exploit: i start server perl script; ii...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2003/06/02 12:0 a.m.30 views

Microsoft IIS WebDav buffer overflow

Buffer overflow in path conversion routine...

4.5AI score
Exploits0References3Affected Software1
Rows per page
Query Builder