173 matches found
Remote Code Execution (RCE)
org.jenkins-ci.plugins: convert-to-pipeline is vulnerable to Remote Code Execution RCE. The vulnerability exists due to improperly converting the build environment, build steps, and post-build actions of freestyle projects to the corresponding pipeline step invocations via simple string...
Node.js 安全特征问题漏洞
Node.js is an open source, cross-platform JavaScript runtime environment. A security vulnerability exists in versions of Node.js prior to version 3.2.1 that stems from the crypto-js package generating random numbers by concatenating strings, but using integers, which makes the output predictable...
php: Overflowing the length of string causes crash
An integer overflow vulnerability in PHP can lead to a buffer overflow when constructing extremely long strings with the ".=" operator. In unusual circumstances, this could be used by an attacker to cause an application to crash or possibly have other consequences...
The vulnerability of the `findGarbageCode` function of the Cppcheck static analyzer allows an attacker to trigger a service failure by attempting to read beyond the allocated memory boundary.
The vulnerability of the findGarbageCode function of the Cppcheck static analyzer is related to attempts to read beyond the allocated memory boundary, during the concatenation of strings when calling std::operator+. Exploiting this vulnerability can allow an attacker to trigger a service failure...
SketchSVG Arbitrary Code Injection vulnerability
All versions of the package sketchsvg are vulnerable to Arbitrary Code Injection when invoking shell.exec without sanitization nor parametrization while concatenating the current directory as part of the command string...
SUSE CVE-2013-0750
Integer overflow in the JavaScript implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary...
SUSE CVE-2017-8923
The zendstringextend function in Zend/zendstring.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact by leveraging a script's use ...
The vulnerability of the strncat() function in Netgear Nighthawk AC1900 R7000 wireless router software allows a hacker to induce a service failure.
The vulnerability of the strncat function in Netgear Nighthawk AC1900 R7000 wireless router software lies in the fact that the write operation exceeds the buffer limit and is executed in memory. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...
OpenClinica SQL注入漏洞
OpenClinica is a commercial open source clinical trial software for electronic data capture EDC and clinical data management CDM. A security vulnerability exists in OpenClinica versions prior to 3.16.1 that stems from the use of string concatenation to create SQL queries...
Buffer overflow
Digi Passport Firmware through 1.5.1,1 is affected by a buffer overflow. An attacker can supply a string in the page parameter for reboot.asp endpoint, allowing him to force an overflow when the string is concatenated to the HTML body...
CVE-2020-11078
A flaw was found in python-httplib2. An attacker controlling an unescaped part of uri for httplib2.Http.request could change request headers and body, send additional hidden requests to same server. This vulnerability impacts software that uses httplib2 with uri constructed by string concatenatio...
DEBIAN-CVE-2020-11078
In httplib2 before version 0.18.0, an attacker controlling unescaped part of uri for httplib2.Http.request could change request headers and body, send additional hidden requests to same server. This vulnerability impacts software that uses httplib2 with uri constructed by string concatenation, as...
CVE-2020-11078
In httplib2 before version 0.18.0, an attacker controlling unescaped part of uri for httplib2.Http.request could change request headers and body, send additional hidden requests to same server. This vulnerability impacts software that uses httplib2 with uri constructed by string concatenation, as...
UBUNTU-CVE-2020-11078
In httplib2 before version 0.18.0, an attacker controlling unescaped part of uri for httplib2.Http.request could change request headers and body, send additional hidden requests to same server. This vulnerability impacts software that uses httplib2 with uri constructed by string concatenation, as...
CVE-2020-11078
CVE-2020-11078 affects httplib2 prior to 0.18.0. An attacker controlling an unescaped portion of the URI in httplib2.Http.request() could alter request headers and body and send hidden requests to the same server. The issue occurs when URIs are built by string concatenation rather than proper esc...
Buffer Overflows
opensc is vulnerable to buffer overflows. It is due to lack of proper handling of string concatenation in utilacltostr in tools/util.c...
UBUNTU-CVE-2018-16418
A buffer overflow when handling string concatenation in utilacltostr in tools/util.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified other impact...
Microsoft Chakra String Concatenation Integer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Chakra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the generation ...
Microsoft Edge Chakra JIT Missing Integer Overflow Check
Microsoft Edge: Chakra: JIT: Missing Integer Overflow check in Lowerer::LowerSetConcatStrMultiItem CVE-2018-0758 The method "Lowerer::LowerSetConcatStrMultiItem" is used to generate machine code to concatenate strings. Here's a snippet of the method. void...
Microsoft Edge Chakra JIT - Lowerer::LowerSetConcatStrMultiItem Missing Integer Overflow Check
Microsoft Edge Chakra JIT - Lowerer::LowerSetConcatStrMultiItem Missing Integer Overflow Check / The method "Lowerer::LowerSetConcatStrMultiItem" is used to generate machine code to concatenate strings. Here's a snippet of the method. void Lowerer::LowerSetConcatStrMultiItemIR::Instr instr...