26153 matches found
CVE-2017-20258
CVE-2017-20258 concerns the Joomla! extension RPC Responsive Portfolio 1.6.1 . The vulnerability is an SQL injection in the affected component, exploitable by unauthenticated attackers via a crafted HTTP GET request to index.php with the query string option=com_pofos&view=pofo&id=[SQL]. The under...
CVE-2017-20257
Joomla! Component Quiz Deluxe 3.7.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL commands via the ajaxaction.flag_question task. Exploitation can occur by injecting malicious SQL through the stu_quiz_id or flag_quest parameters to manipula...
CVE-2017-20255 Joomla! Component JB Visa 1.0 SQL Injection via visatype
Joomla! Component JB Visa 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the visatype parameter. Attackers can send GET requests to index.php with the option=combookpro and view=popup parameter...
EUVD-2017-18982
Joomla! Component JB Visa 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the visatype parameter. Attackers can send GET requests to index.php with the option=combookpro and view=popup parameter...
CVE-2017-20254
The CVE-2017-20254 entry concerns the Joomla! Component User Bench 1.0, which is vulnerable to SQL injection via the userid parameter in index.php? option=com_userbench&view=detail&userid. The underlying flaw allows unauthenticated attackers to execute arbitrary SQL and exfiltrate sensitive data ...
Astra Linux – Vulnerability in Zabbix
There is a vulnerability related to arbitrary file reading in the Zabbix Web Service Report Generation module, which listens on port 10053. The service does not perform proper validation on URL parameters before reading the files...
Astra Linux – Vulnerability in PostgresSQL 11
A flaw was discovered in PostgreSQL. A specially crafted query can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can carry out this attack at will. The attack does not require the ability to create objects. If the server settings include...
Astra Linux – Vulnerability in Docker-Registry
A flaw was discovered in the /v2/catalog endpoint located in the distribution/distribution directory. This endpoint accepts a parameter that controls the maximum number of records to be returned query string: n. This vulnerability allows a malicious user to submit an excessively large value for n...
Astra Linux – Vulnerability in the 389-DS-base
When using a syncrepl client in 389-ds-base, an authenticated attacker can cause a NULL pointer dereference using a specially crafted query, resulting in a crash...
Astra Linux – Vulnerability in isc-dhcp
In ISC DHCP 4.4.0 - 4.4.3, and ISC DHCP 4.1-ESV-R1 - 4.1-ESV-R16-P1, when the function optioncodehashlookup is called from addOption, it increments the refcount field of the option. However, there is no corresponding call to optiondereference to decrement the refcount field. The function addOptio...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Keys: Fixed the issue of linking a duplicate key to a keyring’s assocarray. When making a DNS query within the kernel using dnsquery, the request code can, in rare cases, create a duplicate index key in the assocarray of the...
Astra Linux – Vulnerability in python-pymysql
PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input, because keys are not escaped by escapedict...
Astra Linux - Vulnerability in Golang-1.23
The net/url package does not limit the number of query parameters in a query. Although the maximum size of query parameters in URLs is generally limited by the maximum request header size, the net/http.Request.ParseForm method can parse large URL-encoded forms. Parsing a large form containing man...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: usb: rndishost: The secure rdrisquery check prevents integer overflow. The variables off and len, which are typed as uint32 in the rdrisquery function, are controlled by the incoming RNDIS response message. Therefore, their value...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: libbpf: Use of the OPTSSET macro in bpfxdpquery When the featureFlags and xdpzcmaxsegs fields were added to the libbpf bpfxdpQueryOpts structure, the code that wrote these fields did not use the OPTSSET macro. This causes libbpf ...
Astra Linux – Vulnerability in node-qs
The qs format used before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process to hang for an Express application. This is because the proto key can be exploited. In many typical Express use cases, an unauthenticated remote attacker can insert the...
Astra Linux – Vulnerability in bind9
Every named instance configured to run as a recursive resolver maintains a cache database that holds the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the max-cache-size statement in the configuration file; i...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In rndisqueryoid in drivers/net/wireless/rndiswlan.c within the Linux kernel, from version 6.1.5 onwards, there is an integer overflow in a mathematical operation...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: smb: client: fixed a use-after-free in smb2queryinfocompound The following UAF was triggered when running fstests generic/072 with KASAN enabled against Windows Server 2022 and mount options “multichannel, maxChannels=2,...
Astra Linux – Vulnerability in SQLite3
A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 through the idxGetTableInfo function, when a crafted SQL query is executed. NOTE: The vendor disputes the relevance of this report, as the sqlite3.exe user already has full privileges i.e., they are...