Lucene search
K

2623 matches found

OSV
OSV
added 2018/05/01 1:29 p.m.2 views

CVE-2018-10581

In Octopus Deploy 3.4.x before 2018.4.7, an authenticated user is able to view/update/save variable values within the Tenant Variables area for Environments that do not exist within their associated Team scoping. This occurs in situations where this authenticated user also belongs to multiple...

5.4CVSS5.8AI score0.00742EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2018/04/26 12:0 a.m.25 views

Google Chrome V8 Arrow Function Scope Fixing Bug

Chrome: V8: Arrow function scope fixing bug When the parser parses the parameter list of an arrow function contaning destructuring assignments, it can't distinguish whether the assignments will be actually in the parameter list or just assignments until it meets a "=" token. So it first assigns t...

0.3AI score
Exploits0
0day.today
0day.today
added 2018/04/25 12:0 a.m.29 views

Chrome V8 JIT - Arrow Function Scope Fixing Bug Exploit

Exploit for multiple platform in category dos / poc / When the parser parses the parameter list of an arrow function contaning destructuring assignments, it can't distinguish whether the assignments will be actually in the parameter list or just assignments until it meets a "=" token. So it first...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2018/04/25 12:0 a.m.17 views

Chrome V8 JIT - Arrow Function Scope Fixing Bug

Chrome V8 JIT - Arrow Function Scope Fixing Bug / When the parser parses the parameter list of an arrow function contaning destructuring assignments, it can't distinguish whether the assignments will be actually in the parameter list or just assignments until it meets a "=" token. So it first...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/25 12:0 a.m.38 views

Chrome V8 JIT - Arrow Function Scope Fixing Bug

/ When the parser parses the parameter list of an arrow function contaning destructuring assignments, it can't distinguish whether the assignments will be actually in the parameter list or just assignments until it meets a "=" token. So it first assigns the destructuring assignments to the outer...

7.4AI score
Exploits0
NVD
NVD
added 2018/04/17 9:29 p.m.17 views

CVE-2018-10191

In versions of mruby up to and including 1.4.0, an integer overflow exists in src/vm.c::mrbvmexec when handling OPGETUPVAR in the presence of deep scope nesting, resulting in a use-after-free. An attacker that can cause Ruby code to be run can use this to possibly execute arbitrary code...

9.8CVSS9.8AI score0.02584EPSS
Exploits1References3
OSV
OSV
added 2018/04/17 9:29 p.m.5 views

UBUNTU-CVE-2018-10191

In versions of mruby up to and including 1.4.0, an integer overflow exists in src/vm.c::mrbvmexec when handling OPGETUPVAR in the presence of deep scope nesting, resulting in a use-after-free. An attacker that can cause Ruby code to be run can use this to possibly execute arbitrary code...

9.8CVSS7.5AI score0.02584EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2018/04/10 3:29 p.m.32 views

CVE-2014-0158

Heap-based buffer overflow in the JPEG2000 image tile decoder in OpenJPEG before 1.5.2 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted file because of incorrect j2kdecode, j2kreadeoc, and tcddecodetile interaction, a...

8.8CVSS7.5AI score0.01828EPSS
Exploits0References1
Veracode
Veracode
added 2018/04/04 6:50 a.m.15 views

Directory Traversal

crud-file-server is vulnerable to directory traversal attacks. The vulnerability exists due to the lack of ../ sanitization on the user input, allowing attackers to access files outside of the server's scope...

7.5CVSS7.4AI score0.02216EPSS
Exploits1References3Affected Software1
ossfuzz
ossfuzz
added 2018/03/25 1:51 p.m.19 views

dlplibs/cdrfuzzer: Stack-use-after-scope in libcdr::CDRParser::_redirectX6Chunk

Detailed report: https://oss-fuzz.com/testcase?key=5193637206949888 Project: dlplibs Fuzzer: libFuzzerdlplibscdrfuzzer Fuzz target binary: cdrfuzzer Job Type: libfuzzerasandlplibs Platform Id: linux Crash Type: Stack-use-after-scope READ 8 Crash Address: 0x7f8e30db6bd8 Crash State:...

6.7AI score
Exploits0Affected Software1
ThreatPost
ThreatPost
added 2018/03/21 6:27 p.m.23 views

Netflix Opens Public Bug Bounty Program with $15K Payout Cap

Netflix expanded its bug bounty program on Wednesday opening it up to any white hat hacker and at the same time increased the top reward to $15,000. The bug bounty program, managed by Bugcrowd, now allows any registered hackers to scour Netflix vast mobile, cloud and software platform for minor a...

0.2AI score
Exploits0References2
Veracode
Veracode
added 2018/03/20 5:21 a.m.9 views

Directory Traversal

wenluhong11 is vulnerable to directory traversal attacks. The vulnerability exists due to the lack of ../ sanitization on the user input, allowing attackers to access files outside of the server's scope...

6.7AI score
Exploits0
Veracode
Veracode
added 2018/03/20 5:20 a.m.10 views

Directory Traversal

my-sn is vulnerable to directory traversal attacks. The vulnerability exists due to the lack of ../ sanitization on the user input, allowing attackers to access files outside of the server's scope...

6.7AI score
Exploits0
Veracode
Veracode
added 2018/03/20 5:19 a.m.13 views

Directory Traversal

zhangranbigman is vulnerable to directory traversal attacks. The vulnerability exists due to the lack of ../ sanitization on the user input, allowing attackers to access files outside of the server's scope...

6.7AI score
Exploits0
Veracode
Veracode
added 2018/03/20 5:14 a.m.8 views

Directory Traversal

cuiaiguang is vulnerable to directory traversal attacks. The vulnerability exists due to the lack of ../ sanitization on the user input, allowing attackers to access files outside of the server's scope...

6.7AI score
Exploits0
Veracode
Veracode
added 2018/03/20 5:10 a.m.8 views

Directory Traversal

ptest is vulnerable to directory traversal attacks. The vulnerability exists due to the lack of ../ sanitization on the user input, allowing attackers to access files outside of the server's scope...

6.7AI score
Exploits0
Veracode
Veracode
added 2018/03/20 5:5 a.m.11 views

Directory Traversal

express-blinker is vulnerable to directory traversal attacks. The vulnerability exists due to the lack of ../ sanitization on the user input, allowing attackers to access files outside of the server's scope...

6.7AI score
Exploits0
Veracode
Veracode
added 2018/03/20 3:25 a.m.9 views

Directory Traversal

caolilinode1 is vulnerable to directory traversal attacks. The vulnerability exists due to the lack of ../ sanitization on the user input, allowing attackers to access files outside of the server's scope...

6.7AI score
Exploits0
Veracode
Veracode
added 2018/03/20 3:24 a.m.8 views

Directory Traversal

willvdbtestserver is vulnerable to directory traversal attacks. The vulnerability exists due to the lack of ../ sanitization on the user input, allowing attackers to access files outside of the server's scope...

6.7AI score
Exploits0
Veracode
Veracode
added 2018/03/20 3:22 a.m.11 views

Directory Traversal

webkit-devtools-agent-frontend is vulnerable to directory traversal attacks. The vulnerability exists due to the lack of ../ sanitization on the user input, allowing attackers to access files outside of the server's scope...

6.7AI score
Exploits0
Rows per page
Query Builder