FreeBSD : RubyGems -- multiple vulnerabilities (27b12d04-4722-11e9-8b7c-b5e01141761f)

RubyGems Security Advisories : CVE-2019-8320: Delete directory using symlink when decompressing tar CVE-2019-8321: Escape sequence injection vulnerability in 'verbose' CVE-2019-8322: Escape sequence injection vulnerability in 'gem owner' CVE-2019-8323: Escape sequence injection vulnerability in A...

Mail.ru: Seven DOM-Based XSS Vulnerabilities | Execution in Login Sequence

DOM based XSS in tz.mail.ru tz.mail.ru belongs to extended scope I was able to exploit DOM XSS at the following endpoints. The vulnerability was exploitable on forbidden pages and the root cause lies in jquery. text https://tz.mail.ru/a/ https://tz.mail.ru/a/js/ https://tz.mail.ru/www/...

yaml-cpp denial of service vulnerability

yaml-cpp is a YAML parser written in C++. A denial of service vulnerability exists in the SingleDocParser::HandleFlowSequence function in yaml-cpp 0.6.2. A remote attacker can cause a denial of service stack consumption and application crash via a specially crafted YAML file...

Escape sequence injection vulnerability in verbose

An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::UserInteractionverbose calls say without escaping, escape sequence injection is possible...

RubyGems -- multiple vulnerabilities

RubyGems Security Advisories: CVE-2019-8320: Delete directory using symlink when decompressing tar CVE-2019-8321: Escape sequence injection vulnerability in 'verbose' CVE-2019-8322: Escape sequence injection vulnerability in 'gem owner' CVE-2019-8323: Escape sequence injection vulnerability in AP...

Escape sequence injection vulnerability in errors

An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::CommandManagerrun calls alerterror without escaping, escape sequence injection is possible. There are many ways to cause an error...

Escape sequence injection vulnerability in gem owner

An issue was discovered in RubyGems 2.6 and later through 3.0.2. The gem owner command outputs the contents of the API response directly to stdout. Therefore, if the response is crafted, escape sequence injection may occur...

Escape sequence injection vulnerability in api response handling

An issue was discovered in RubyGems 2.6 and later through 3.0.2. Gem::GemcutterUtilitieswithresponse may output the API response to stdout as it is. Therefore, if the API side modifies the response, escape sequence injection may occur...

The vulnerability of the Zyxel VMG1312-B10D router’s microprogramming software arises from deficiencies in the checking of path names for access-limited directories. This vulnerability allows attackers to gain access to protected information.

The vulnerability of Zyxel VMG1312-B10D router microprogramming software is related to deficiencies in the checking of path names to restricted access directories. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to protected information by using a specially...

The vulnerability of the ALSA driver /dev/snd/seq in Linux operating systems allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the ALSA driver /dev/snd/seq in Linux operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...

CVE-2019-0007

The vMX Series software uses a predictable IP ID Sequence Number. This leaves the system as well as clients connecting through the device susceptible to a family of attacks which rely on the use of predictable IP ID sequence numbers as their base method of attack. This issue was found during...

Escape Sequence Injection

Fluentd is vulnerable to escape sequence injection attacks. User input is pushed directly to the logs without filtering, allowing an attacker to change the terminal UI or execute commands on the device parsing the logs...

Denial Of Service (DoS0

qpid-cpp-mrg is vulnerable to denial of service DoS attacks. The vulnerability exists as the qpidd broker in Apache Qpid 0.30 and earlier allows remote authenticated users to cause a denial of service daemon crash via an AMQP message with 1 an invalid range in a sequence set, 2 content-bearing...

PT-2019-18079 · Libyaml +2 · Yaml-Cpp +2

Name of the Vulnerable Software and Affected Versions: yaml-cpp aka LibYaml-C++ version 0.6.2 Description: An issue in singledocparser.cpp causes a stack exhaustion problem due to recursive stack frames in functions like HandleCompactMap, HandleMap, HandleFlowSequence, HandleSequence, and...

AZL-7008 CVE-2019-6285 affecting package yaml-cpp for versions less than 0.6.2-6

The SingleDocParser::HandleFlowSequence function in yaml-cpp aka LibYaml-C++ 0.6.2 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...

PT-2019-18073 · Yaml Cpp +2 · Yaml-Cpp +2

Name of the Vulnerable Software and Affected Versions: yaml-cpp version 0.6.2 Description: The issue allows remote attackers to cause a denial of service, resulting in stack consumption and application crash, via a crafted YAML file. This is due to a problem in the...

MGASA-2019-0031 Updated terminology package fixes security vulnerability CVE-2018-20167

Terminology before 1.3.1 allows Remote Code Execution because popmedia is mishandled, as demonstrated by an unsafe "cat README.md" command when \epn is used. A popmedia control sequence can allow the malicious execution of executable file formats registered in the X desktop share MIME types...

Juniper Junos vMX Predictable IP ID Sequence Numbers (JSA10903)

According to its self-reported version number, the remote Junos device uses a predictable IP ID sequence number. It is, therefore, vulnerable to a family of attacks that rely on this property, including a susceptibility to being used as a 'zombie' host in an 'idle scan' blind port scan of another...

DEBIAN-CVE-2019-5717

In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the PMUL dissector could crash. This was addressed in epan/dissectors/packet-pmul.c by rejecting the invalid sequence number of zero...

UBUNTU-CVE-2019-5717

In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the PMUL dissector could crash. This was addressed in epan/dissectors/packet-pmul.c by rejecting the invalid sequence number of zero...