17 matches found
CVE-2026-1395
The Gutentools plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Post Slider block's blockid attribute in all versions up to, and including, 1.1.3. This is due to insufficient input sanitization and output escaping combined with a custom unescaping routine that reintroduce...
MiracleLinux 4 : glibc-2.12-1.212.AXS4 (AXSA:2018-3156:01)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-3156:01 advisory. glibc: Buffer overflow in glob with GLOB_TILDE (CVE-2017-15670) glibc: Buffer overflow during unescaping of user names with the ~ operator (CVE-2017-15804)...
EUVD-2017-7227
Malware in sbrugna...
RCE-Foryou
RCE-Foryou Python tool for safely testing and exploiting RCE v...
CVE-2022-34172
In Jenkins 2.340 through 2.355 (both inclusive), symbol-based icons unescape previously escaped values of 'tooltip' parameters, resulting in a cross-site scripting (XSS) vulnerability...
NewStart CGSL MAIN 4.05 : glibc Multiple Vulnerabilities (NS-SA-2019-0142)
The remote NewStart CGSL host, running version MAIN 4.05, has glibc packages installed that are affected by multiple vulnerabilities: - The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to...
BSA-2018-616
Security Advisory ID: BSA-2018-616 Component: bzip2recover Revision: 2.0 The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator. Affected Products Security update provided in Brocade Fabric OS...
curl: escape and unescape integer overflows
Multiple integer overflow flaws leading to heap-based buffer overflows were found in the way curl handled escaping and unescaping of data. An attacker could potentially use these flaws to crash an application using libcurl by sending a specially crafted input to the affected libcurl functions...
glibc: Buffer overflow during unescaping of user names with the ~ operator
The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator...
glibc: Buffer overflow during unescaping of user names with the ~ operator
The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator...
EulerOS 2.0 SP1 : glibc (EulerOS-SA-2017-1267)
According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in...
DEBIAN-CVE-2017-15804
The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator...
CVE-2017-15804
The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator...
CVE-2017-15804
The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator...
UBUNTU-CVE-2017-15804
The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator...
cURL -- Escape and unescape integer overflows
The cURL project reports: The four libcurl functions curl_escape, curl_easy_escape, curl_unescape and curl_easy_unescape perform string URL percent escaping and unescaping. They accept custom string length inputs in signed integer arguments. The provided string length arguments were not properly checked...
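Red Hat Fedora Directory Server HTTP unescape function buffer overflow vulnerability
BUGTRAQ ID: 31106 CVE ID: CVE-2008-2932 CNCVE ID: CNCVE-20082932 Red Hat Fedora Directory Server is a directory service program. Red Hat Fedora Directory Server adminutil does not handle user input correctly; a remote attacker can exploit the vulnerability to cause a buffer overflow and execute arbitrary instructions with the privileges of the application. adminutil is a general-purpose function library used by several CGI scripts shipped with Red Hat / Fedora Directory Server. adminutil...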