1165 matches found
CVE-2017-12187
xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code...
CVE-2017-12187
xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code...
Input validation
xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code...
ALPINE-CVE-2017-12187
xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code...
DEBIAN-CVE-2017-12187
xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code...
CVE-2017-12187
xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code...
CVE-2017-12187
xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code...
CVE-2017-12187
xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code...
CVE-2017-12187
CVE-2017-12187 affects xorg-x11-server before 1.19.5, where the RENDER extension lacked proper length validation. This weakness can allow a malicious X client to crash the X server or potentially execute arbitrary code. The issue is documented across multiple sources (NVD entry for CVE-2017-12187...
CVE-2017-17868
In Liferay Portal 6.1.0, the tags section has XSS via a Public Render Parameter prp value, as demonstrated by prp564233524tag...
CVE-2017-17868
In Liferay Portal 6.1.0, the tags section has XSS via a Public Render Parameter prp value, as demonstrated by prp564233524tag...
Design/Logic Flaw
In Liferay Portal 6.1.0, the tags section has XSS via a Public Render Parameter prp value, as demonstrated by prp564233524tag...
CVE-2017-17868
In Liferay Portal 6.1.0, the tags section has XSS via a Public Render Parameter prp value, as demonstrated by prp564233524tag...
Liferay Porta tags section cross-site scripting vulnerability
Liferay Portal is a J2EE-based portal solution from Liferay, Inc. The solution uses EJB as well as JMS and other technologies , and can be used as a Web publishing and sharing workspaces , enterprise collaboration platforms , social networks and so on. A cross-site scripting vulnerability exists ...
CVE-2017-17868
In Liferay Portal 6.1.0, the tags section has XSS via a Public Render Parameter prp value, as demonstrated by prp564233524tag...
CVE-2017-17868
In Liferay Portal 6.1.0, the tags section is vulnerable to cross-site scripting via a Public Render Parameter (p_r_p) value (example: p_r_p_564233524_tag). This is caused by improper sanitization of the p_r_p parameter, allowing arbitrary script to be injected through the parameter. The vulnerabi...
DEBIAN-CVE-2017-1000188
nodejs ejs version older than 2.5.5 is vulnerable to a Cross-site-scripting in the ejs.renderFile resulting in code injection...
nodejs ejs cross-site scripting vulnerability
nodejs ejs is an embedded JavaScript template with flow control, customizable delimiters and escaped output. A cross-site scripting vulnerability exists in the 'ejs.renderFile' function in versions of nodejs ejs prior to 2.5.5. A remote attacker can exploit the vulnerability to inject code...
nodejs ejs remote code execution vulnerability
nodejs ejs is an embedded JavaScript template with flow control, customizable delimiters and escaped output. A remote code execution vulnerability exists in the 'ejs.renderFile' function in versions of nodejs ejs prior to 2.5.3, which stems from weak input validation. A remote attacker could...
CVE-2017-12187
xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code...