28 matches found
EUVD-2017-8964
Malware in sbrugna...
Information Disclosure
oxid-esales/oxideshop-ce is vulnerable to information disclosure. The vulnerability is due to improper error handling and also Smarty syntax errors in CMS pages that may allow an attacker to access user information...
CVE-2024-56526
An issue was discovered in OXID eShop before 7. CMS pages in combination with Smarty may display user information if a CMS page contains a Smarty syntax error...
yaraQA - YARA Rule Analyzer To Improve Rule Quality And Performance
YARA rule Analyzer to improve rule quality and performance Why? YARA rules can be syntactically correct but still dysfunctional. yaraQA tries to find and report these issues to the author or maintainer of a YARA rule set. The issues yaraQA tries to detect are e.g.: rules that are syntactically...
K61105950: iControl REST logs a plaintext password when the syntax of a cURL request is incorrect
Security Advisory Description The BIG-IP system logs the device password in plaintext. This issue occurs when the following condition is met: There are one or more syntax errors in the POST body of a REST token request. Impact Disclosure of the BIG-IP system's device password can lead to other...
SUSE CVE-2017-17813
In Netwide Assembler NASM 2.14rc0, there is a use-after-free in the pplistonemacro function in asm/preproc.c that will cause a remote denial of service attack, related to mishandling of line-syntax errors...
[SECURITY] Fedora 36 Update: golang-github-pelletier-toml-1.9.4-3.fc36
Go-toml provides the following features for using data parsed from TOML documents: - Load TOML documents from files and string data - Easily navigate TOML structure using Tree - Mashaling and unmarshaling to and from data structures - Line & column position data for all parsed elements - Query...
[SECURITY] Fedora 35 Update: golang-github-pelletier-toml-1.9.4-2.fc35
Go-toml provides the following features for using data parsed from TOML documents: - Load TOML documents from files and string data - Easily navigate TOML structure using Tree - Mashaling and unmarshaling to and from data structures - Line & column position data for all parsed elements - Query...
[SECURITY] Fedora 36 Update: golang-github-pelletier-toml-1.9.4-2.fc36
Go-toml provides the following features for using data parsed from TOML documents: - Load TOML documents from files and string data - Easily navigate TOML structure using Tree - Mashaling and unmarshaling to and from data structures - Line & column position data for all parsed elements - Query...
What is RCE (Remote code execution) attack ❓ Prevention methods
What is Remote Code Execution? Remote Code Execution or execution, also known as Arbitrary Code Execution, is a concept that describes a form of cyberattack in which the attacker can solely command the operation of another person’s computing device or computer. RCE takes place when malicious...
SUSE: Security Advisory (SUSE-SU-2017:1317-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PT-2018-15357 · Bigtree · Bigtree
Name of the Vulnerable Software and Affected Versions: BigTree version 4.3 Description: The issue allows for full path disclosure through authenticated input in the admin/news section, which triggers a syntax error. It is noted that this issue requires full developer level access to the content...
CVE-2017-17813
In Netwide Assembler NASM 2.14rc0, there is a use-after-free in the pplistonemacro function in asm/preproc.c that will cause a remote denial of service attack, related to mishandling of line-syntax errors...
DEBIAN-CVE-2017-17813
In Netwide Assembler NASM 2.14rc0, there is a use-after-free in the pplistonemacro function in asm/preproc.c that will cause a remote denial of service attack, related to mishandling of line-syntax errors...
CVE-2017-17813
In Netwide Assembler NASM 2.14rc0, there is a use-after-free in the pplistonemacro function in asm/preproc.c that will cause a remote denial of service attack, related to mishandling of line-syntax errors...
Design/Logic Flaw
In Netwide Assembler NASM 2.14rc0, there is a use-after-free in the pplistonemacro function in asm/preproc.c that will cause a remote denial of service attack, related to mishandling of line-syntax errors...
CVE-2017-17813
In Netwide Assembler NASM 2.14rc0, there is a use-after-free in the pplistonemacro function in asm/preproc.c that will cause a remote denial of service attack, related to mishandling of line-syntax errors...
CVE-2017-17813
In Netwide Assembler NASM 2.14rc0, there is a use-after-free in the pplistonemacro function in asm/preproc.c that will cause a remote denial of service attack, related to mishandling of line-syntax errors...
CVE-2017-17813
CVE-2017-17813 affects Netwide Assembler (NASM) 2.14rc0, with a use-after-free in pp_list_one_macro in asm/preproc.c that leads to remote denial of service via mishandling of line-syntax errors. The incident is documented across multiple sources in the connected documents (e.g., Nessus/OpenVAS re...
CVE-2017-17813
In Netwide Assembler NASM 2.14rc0, there is a use-after-free in the pplistonemacro function in asm/preproc.c that will cause a remote denial of service attack, related to mishandling of line-syntax errors...