EUVD-2018-4651

Malware in sbrugna...

PT-2022-13420 · Strapi · Strapi

Name of the Vulnerable Software and Affected Versions: strapi versions prior to 4.1.0 Description: The issue is related to arbitrary command injection in the strapi repository. This occurs due to improper sanitization of user input, specifically when creating a strapi app using the template cli...

CVE-2019-16778 Heap buffer overflow in `UnsortedSegmentSum` in TensorFlow

In TensorFlow before 1.15, a heap buffer overflow in UnsortedSegmentSum can be produced when the Index template argument is int32. In this case datasize and numsegments fields are truncated from int64 to int32 and can produce negative numbers, resulting in accessing out of bounds heap memory. Thi...

UBUNTU-CVE-2018-20673

The demangletemplate function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability for "Create an array for saving the template argument values" that can trigger a heap-based buffer overflow, as demonstrated by nm...

4Images <= 1.7.1 (Local Inclusion) Remote Code Execution Exploit

No description provided by source. ?php ----4images171inclxpl.php 6.45 26/02/2006 4Images = 1.7.1 remote commands execution through arbitrary local inclusion coded by rgod site: http://retrogod.altervista.org - this works regardless of magicquotesgpc settings Sun-Tzu: Having doomed spies, doing...

PYSEC-2010-31

Cross-site scripting XSS vulnerability in cgi/client.py in Roundup before 1.4.14 allows remote attackers to inject arbitrary web script or HTML via the template argument to the /issue program...

CVE-2010-2491

Cross-site scripting XSS vulnerability in cgi/client.py in Roundup before 1.4.14 allows remote attackers to inject arbitrary web script or HTML via the template argument to the /issue program...

CVE-2001-0704

tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to discover the full path to the working directory via a URL with a template argument for a file that does not exist...

CVE-2001-0705

Directory traversal vulnerability in tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to read arbitrary files on the web server via a URL with "dot dot" sequences in the template argument...

sendtemp.pl - Read Access to Files

sendtemp.pl - Read Access to Files !/usr/bin/perl -w sendtemp.pl: A part of the Amaya Web development server contains a file disclosure vulnerability, which allows remote, read access to files on the servers file system, as whichever user the httpd is running as. The Vulnerability is really quite...