5103 matches found
Moderate: Red Hat Security Advisory: OpenShift Container Platform 3.9 haproxy security update
An update for haproxy is now available for Red Hat OpenShift Container Platform 3.9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash
A flaw was found in HAProxy, versions before 1.8.17 and 1.9.1. Mishandling occurs when a priority flag is set on too short HEADERS frame in the HTTP/2 decoder, allowing an out-of-bounds read and a subsequent crash to occur. A remote attacker can exploit this flaw to cause a denial of service. Tho...
Adobe Patches Critical Photoshop, Digital Edition Flaws
Adobe on Tuesday released its March Security Update, reporting and fixing only two critical flaws: one in Photoshop CC and one in Adobe Digital Editions. Both critical flaws could allow a bad actor to achieve arbitrary code execution in the context of the current user, Adobe said. The company sai...
Adobe Patches Critical ColdFusion Vulnerability With Active Exploit
Adobe has issued an emergency patch for a critical vulnerability in its ColdFusion service that is being exploited in the wild. The vulnerability, CVE-2019-7816, exists in Adobe’s commercial rapid web application development platform, ColdFusion. The ColdFusion vulnerability is a file upload...
haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash
A flaw was found in HAProxy, versions before 1.8.17 and 1.9.1. Mishandling occurs when a priority flag is set on too short HEADERS frame in the HTTP/2 decoder, allowing an out-of-bounds read and a subsequent crash to occur. A remote attacker can exploit this flaw to cause a denial of service. Tho...
CVE-2019-7548
SQLAlchemy 1.2.17 has SQL Injection when the groupby parameter can be controlled...
haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash
A flaw was found in HAProxy, versions before 1.8.17 and 1.9.1. Mishandling occurs when a priority flag is set on too short HEADERS frame in the HTTP/2 decoder, allowing an out-of-bounds read and a subsequent crash to occur. A remote attacker can exploit this flaw to cause a denial of service. Tho...
Adobe Issues Unscheduled Updates for Experience Manager Platform
Adobe has issued unscheduled patches for vulnerabilities rated “important” across its Experience Manager platform, which allows developers to create mobile apps, social campaigns and landing pages. Overall, Adobe issued three fixes, including an “important” flaw CVE-2018-19726 and a “moderate” fl...
Proxygen Denial of Service Vulnerability (CNVD-2019-00956)
Facebook Proxygen is a set of open source C++ HTTP class libraries from the U.S. company Facebook . A security vulnerability exists in the handling of invalid HTTP2 priority settings in Facebook Proxygen versions prior to 2018.12.31.00. An attacker can exploit this vulnerability to cause a denial...
CVE-2018-6346
A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 priority settings specifically a circular dependency. This affects Proxygen prior to v2018.12.31.00...
Denial of service
A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 priority settings specifically a circular dependency. This affects Proxygen prior to v2018.12.31.00...
CVE-2018-6346
A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 priority settings specifically a circular dependency. This affects Proxygen prior to v2018.12.31.00...
CVE-2018-6335
A Malformed h2 frame can cause 'std::outofrange' exception when parsing priority meta data. This behavior can lead to denial-of-service. This affects all supported versions of HHVM 3.25.2, 3.24.6, and 3.21.10 and below when using the proxygen server to handle HTTP2 requests...
UBUNTU-CVE-2018-6335
A Malformed h2 frame can cause 'std::outofrange' exception when parsing priority meta data. This behavior can lead to denial-of-service. This affects all supported versions of HHVM 3.25.2, 3.24.6, and 3.21.10 and below when using the proxygen server to handle HTTP2 requests...
UBUNTU-CVE-2018-20615
An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-check...
CVE-2018-20615
An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-check...
PT-2018-17493 · Facebook · Proxygen
Name of the Vulnerable Software and Affected Versions: Proxygen versions prior to 2018.12.31.00 Description: A potential denial-of-service issue exists due to the handling of invalid HTTP2 priority settings, specifically a circular dependency, in Proxygen. Recommendations: For versions prior to...
[WEM 4.7]The agent is unable to change the priority for a process with an error code 87
The errors are associated with processes like eventvwr, notity etc...
Adobe Fixes Acrobat and Reader Flaw With Publicly-Available PoC
Adobe on Tuesday released three patches – including a fix for a flaw in Adobe Acrobat and Reader that exposes hashed passwords that already has a proof-of-concept PoC exploit code publicly available. The information disclosure vulnerability, CVE-2018-15979, exists in Adobe Acrobat and Reader for...
priorityautorelocations.com XSS vulnerability
Open Bug Bounty ID: OBB-687796 Description| Value ---|--- Affected Website:| priorityautorelocations.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3...