11 matches found
SQL Injection
Overview: baserproject/basercms is a content management system based on CakePHP. Affected versions of this package are vulnerable to SQL Injection via the blog post process. An attacker can execute arbitrary SQL commands by supplying crafted input to the affected component. Remediation: Upgrade...
CVE-2024-34994
In the module "Channable" channable up to version 3.2.1 from Channable for PrestaShop, a guest can perform SQL injection via ChannableFeedModuleFrontController::postProcess...
Regular Expression Denial of Service (ReDoS)
Overview: transformers is State-of-the-art Machine Learning for JAX, PyTorch and TensorFlow. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the post_process_single function. An attacker can cause high CPU usage and potential application downtime b...
CVE-2024-28393
SQL injection vulnerability in scalapay v.1.2.41 and before allows a remote attacker to escalate privileges via the ScalapayReturnModuleFrontController::postProcess method...
PrestaShop Security Breach
PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, short message alerts and product image zoom and other features. A security vulnerability previously existed in PrestaShop Product Designer version 1.178.36,...
PrestaShop Security Breach
PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution offers multiple payment methods, SMS alerts, and product image zoom, among other features. A security vulnerability previously existed in PrestaShop Account Manager - Sales Representative &...
Updated docker packages fix security vulnerabilities and bugs
This update fixes several security issues and also solves some other issues: - manage change of launch option earlier in post process - Automatically convert -g option to --data-root in installed /etc/sysconfig/docker-storage - Fix CVE-2023-26054 and CVE-2023-28840-2...
SUSE-SU-2023:1863-1 Security update for shim
This update for shim fixes the following issues: - Updated shim signature after shim 15.7 be signed back: signature-sles.x86_64.asc, signature-sles.aarch64.asc (bsc#1198458) - Add POST_PROCESS_PE_FLAGS=-N to the build command in shim.spec to disable the NX compatibility flag when using post-process-pe...
SUSE CVE-2021-3466
A flaw was found in libmicrohttpd. A missing bounds check in the post_process_urlencoded function leads to a buffer overflow, allowing a remote attacker to write arbitrary data in an application that uses libmicrohttpd. The highest threat from this vulnerability is to data confidentiality and...
DEBIAN-CVE-2021-3466
A flaw was found in libmicrohttpd. A missing bounds check in the post_process_urlencoded function leads to a buffer overflow, allowing a remote attacker to write arbitrary data in an application that uses libmicrohttpd. The highest threat from this vulnerability is to data confidentiality and...
OSV-2020-341 Heap-buffer-overflow in post_process_template
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18952 Crash type: Heap-buffer-overflow READ 4 Crash state: post_process_template parsershutdown parsestring...