6 matches found
PT-2026-26850
The CMS Commander plugin for WordPress is vulnerable to SQL Injection via the 'or blogname', 'or blogdescription', and 'or admin email' parameters in all versions up to, and including, 2.288. This is due to insufficient escaping on the user supplied parameters and lack of sufficient preparation o...
Linux Distros Unpatched Vulnerability : CVE-2019-6956
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. It is a buffer over-read in psmixphase in libfaad/psdec.c. CVE-2019-6956 Note that...
Joplin 跨站脚本漏洞
Joplin is an open source notes and to-do list application. A security vulnerability exists in Joplin version v2.8.8, which stems from the fact that an attacker can execute arbitrary commands by injecting a crafted payload into a Node header...
PT-2020-6581
Name of the Vulnerable Software and Affected Versions Ansible versions 2.7.16 and prior Ansible versions 2.8.8 and prior Ansible versions 2.9.5 and prior Description A flaw was found in Ansible when a password is set with the argument password of the svn module, it is used on the svn command line...
Denial of Service Vulnerability in Freeware Advanced Audio Decoder 2
Freeware Advanced Audio Decoder 2 is advanced audio encoder. A denial of service vulnerability exists in Freeware Advanced Audio Decoder 2 FAAD2 in version v2.8.8, which can be exploited by attackers to cause a denial of service...
ALPINE-CVE-2018-20358
An invalid memory address dereference was discovered in the ltprediction function of libfaad/ltpredict.c in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service...