10 matches found
GHSA-M8F9-9WHG-F4XR Open WebUI has stored XSS via attacker-controlled file extension in /api/v1/audio/transcriptions
Summary The audio transcription upload endpoint takes the file extension from the user-supplied filename and saves the file under CACHEDIR/audio/transcriptions/.. The /cache/path route serves these files via FileResponse, which sets Content-Type from the on-disk extension and emits no...
FACTION 安全漏洞
Faction is an open source pen inspection report generation and evaluation collaboration framework from Faction Security. A security vulnerability exists in FACTION versions prior to 1.7.1 that stems from an extension execution path that allows untrusted extension code to execute arbitrary system...
SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2017:1386-1)
This update for java-180-ibm fixes the following issues: Version update bsc1038505 : - CVE-2016-9840: zlib: Out-of-bounds pointer arithmetic in inftrees.c - CVE-2016-9841: zlib: Out-of-bounds pointer arithmetic in inffast.c - CVE-2016-9842: zlib: Undefined left shift of negative number -...
SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2017:1384-1)
This update for java-170-ibm fixes the following issues: Version update to 7.0-10.5 bsc1038505 - CVE-2016-9840: zlib: Out-of-bounds pointer arithmetic in inftrees.c - CVE-2016-9841: zlib: Out-of-bounds pointer arithmetic in inffast.c - CVE-2016-9842: zlib: Undefined left shift of negative number ...
OpenJDK: untrusted extension directories search path in Launcher (JCE, 8163528)
An untrusted library search path flaw was found in the JCE component of OpenJDK. A local attacker could possibly use this flaw to cause a Java application using JCE to load an attacker-controlled library and hence escalate their privileges...
OpenJDK: untrusted extension directories search path in Launcher (JCE, 8163528)
An untrusted library search path flaw was found in the JCE component of OpenJDK. A local attacker could possibly use this flaw to cause a Java application using JCE to load an attacker-controlled library and hence escalate their privileges...
OpenJDK: untrusted extension directories search path in Launcher (JCE, 8163528)
An untrusted library search path flaw was found in the JCE component of OpenJDK. A local attacker could possibly use this flaw to cause a Java application using JCE to load an attacker-controlled library and hence escalate their privileges...
OpenJDK: untrusted extension directories search path in Launcher (JCE, 8163528)
An untrusted library search path flaw was found in the JCE component of OpenJDK. A local attacker could possibly use this flaw to cause a Java application using JCE to load an attacker-controlled library and hence escalate their privileges...
OpenJDK: untrusted extension directories search path in Launcher (JCE, 8163528)
An untrusted library search path flaw was found in the JCE component of OpenJDK. A local attacker could possibly use this flaw to cause a Java application using JCE to load an attacker-controlled library and hence escalate their privileges...
OpenJDK: untrusted extension directories search path in Launcher (JCE, 8163528)
An untrusted library search path flaw was found in the JCE component of OpenJDK. A local attacker could possibly use this flaw to cause a Java application using JCE to load an attacker-controlled library and hence escalate their privileges...