CVE-2020-25483

An arbitrary command execution vulnerability exists in the fopen function of file writes of UCMS v1.4.8, where an attacker can gain access to the server...

Command injection

An arbitrary command execution vulnerability exists in the fopen function of file writes of UCMS v1.4.8, where an attacker can gain access to the server...

CVE-2020-25483

An arbitrary command execution vulnerability exists in the fopen function of file writes of UCMS v1.4.8, where an attacker can gain access to the server...

CVE-2020-25483

UCMS v1.4.8 contains an arbitrary command execution vulnerability in the fopen() function used for file writes. The issue stems from UCMS’s handling of file writes, enabling an attacker to gain access to the server. Public references from NVD, Red Hat, CNVD and others corroborate the vulnerabilit...

CVE-2019-13120

Amazon FreeRTOS up to and including v1.4.8 lacks length checking in prvProcessReceivedPublish, resulting in untargetable leakage of arbitrary memory contents on a device to an attacker. If an attacker has the authorization to send a malformed MQTT publish packet to an Amazon IoT Thing, which...

Moderate squirrelmail security update

1.4.8-2.1 - remove banners 1.4.8-2 - more Japanese filename fixes 195639 1.4.8-1 - 1.4.8 release with CVE-2006-4019 and upstream bug fixes 1.4.7-5 - More JP translation updates 194598 1.4.7-4 - Fix fatal typo in configlocal.php 198306 1.4.7-2 - Move sqspellconfig.php to /etc and mark it...