SUSE CVE-2019-6256

A Denial of Service issue was discovered in the LIVE555 Streaming Media libraries as used in Live555 Media Server 0.93. It can cause an RTSPServer crash in handleHTTPCmdTunnelingPOST, when RTSP-over-HTTP tunneling is supported, via x-sessioncookie HTTP headers in a GET request and a POST request...

GHSA-74MF-VJPG-9XH7 Slim vulnerable to PHP object injection

Middleware/SessionCookie.php in Slim before 2.6.0 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via crafted session data...

Intel Raid Web Console 3 add server denial-of-service vulnerability

Summary A remote, exploitable denial-of-service vulnerability exists in the web API functionality of Intel Raid Web Console 3. A specially crafted request can lead to a null pointer dereference in the Intel Raid Web Console server. This would result in a denial of service until the user restarts...

CVE-2019-6256

A Denial of Service issue was discovered in the LIVE555 Streaming Media libraries as used in Live555 Media Server 0.93. It can cause an RTSPServer crash in handleHTTPCmdTunnelingPOST, when RTSP-over-HTTP tunneling is supported, via x-sessioncookie HTTP headers in a GET request and a POST request...

CVE-2019-6256

A Denial of Service issue was discovered in the LIVE555 Streaming Media libraries as used in Live555 Media Server 0.93. It can cause an RTSPServer crash in handleHTTPCmdTunnelingPOST, when RTSP-over-HTTP tunneling is supported, via x-sessioncookie HTTP headers in a GET request and a POST request...

CVE-2019-6256

A Denial of Service issue was discovered in the LIVE555 Streaming Media libraries as used in Live555 Media Server 0.93. It can cause an RTSPServer crash in handleHTTPCmdTunnelingPOST, when RTSP-over-HTTP tunneling is supported, via x-sessioncookie HTTP headers in a GET request and a POST request...

Remote Code Execution (RCE)

Slim is vulnerable to Remote Code Execution RCE through PHP Object Injections. A malicious user can inject and execute arbitrary code when deserialising a SessionCookie object...

CVE-2015-2171

Middleware/SessionCookie.php in Slim before 2.6.0 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via crafted session data...

Design/Logic Flaw

Middleware/SessionCookie.php in Slim before 2.6.0 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via crafted session data...

CVE-2015-2171

CVE-2015-2171 affects the Slim PHP framework; vulnerable component is Middleware/SessionCookie.php in Slim before 2.6.0. The issue allows remote attackers to perform PHP object injection via crafted session data, enabling arbitrary code execution on the server. The root cause is deserialization o...

Thyme 1.3 Cross Site Scripting

---------------------------------------------------------- Aria-Security.net Advisory Discovered by: O.U.T.L.A.W www.Aria-security.net Gr33t to: A.u.r.a & R@1D3N & Smok3r ----------------------------------------------------------- » Software: Thyme 1.3 » Link:...

thyme13.txt

---------------------------------------------------------- Aria-Security.net Advisory Discovered by: O.U.T.L.A.W Gr33t to: A.u.r.a & R@1D3N & Smok3r ----------------------------------------------------------- » Software: Thyme 1.3 » Link: http://www.extrosoft.com/products/thyme/demo/index.php »...