FreeBSD -- Bhyve out-of-bounds read in XHCI device

Problem Description: The pcixhcidevicedoorbell function does not validate the 'epid' and 'streamid' provided by the guest, leading to an out-of-bounds read. Impact: A misbehaving bhyve guest could crash the system or access memory that it should not be able to...

Eventum Cross-Site Scripting Vulnerability (CNVD-2019-39386)

Eventum is a defect tracking system. The system is used to track inbound technical support, organizational tasks, bugs, etc. A cross-site scripting vulnerability exists in the /htdocs/validate.php file in Eventum version 3.5.0. The vulnerability stems from a lack of proper validation of client-si...

jenkins: Improper escaping of job URLs in f:validateButton leads to cross-site scripting vulnerability.

The f:validateButton form control for the Jenkins UI did not properly escape job URLs in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, resulting in a cross-site scripting XSS vulnerability exploitable by users with the ability to control job names...

CVE-2019-19032

XMLBlueprint through 16.191112 is affected by XML External Entity Injection. The impact is: Arbitrary File Read when an XML File is validated. The component is: XML Validate function. The attack vector is: Specially crafted XML payload...

CVE-2018-19444

A use after free in the TextBox field Validate action in IReaderContentProvider can occur for specially crafted PDF files in Foxit Reader SDK ActiveX Professional 5.4.0.1031. An attacker can leverage this to gain remote code execution. Relative to CVE-2018-19452, this has a different free locatio...

CVE-2019-0710 Windows Hyper-V Denial of Service Vulnerability

...

PT-2019-11340 · Jenkins · Jenkins

Name of the Vulnerable Software and Affected Versions: Jenkins versions prior to 2.171 Jenkins LTS versions prior to 2.164.1 Description: The issue is related to a cross-site scripting XSS vulnerability. It occurs because the f:validateButton form control in the Jenkins UI does not properly escap...

Command Injection in kill-port

Versions of kill-port prior to 1.3.2 are vulnerable to Command Injection. The package does not validate user input on the kill function. This may allow attackers to run arbitrary commands in the system if user input such as the port number is passed directly to the function. Recommendation Upgrad...

[SECURITY] Fedora 29 Update: buildbot-1.8.1-1.fc29

The BuildBot is a system to automate the compile/test cycle required by most software projects to validate code changes. By automatically rebuilding and testing the tree each time something has changed, build problems are pinpointed quickly, before other developers are inconvenienced by the failu...

The vulnerability of the `write_validate_array_item()` function in the SPICE rendering system’s “demarshal.py” file, related to insufficient input data validation, allows attackers to access confidential information or cause service failures.

The vulnerability of the writevalidatearrayitem function in the SPICE rendering system’s “demarshal.py” file is related to message processing errors that lead to buffer overflows. Exploiting this vulnerability allows an attacker to gain access to confidential information or cause service failures...

FreeBSD : Gitlab -- Multiple vulnerabilities (467b7cbe-257d-11e9-8573-001b217b3468)

Gitlab reports : Remote Command Execution via GitLab Pages Covert Redirect to Steal GitHub/Bitbucket Tokens Remote Mirror Branches Leaked by Git Transfer Refs Denial of Service with Markdown Guests Can View List of Group Merge Requests Guest Can View Merge Request Titles via System Notes Persiste...

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2018-17626

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2018-17626

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2018-20716

CubeCart before 6.1.13 has SQL Injection via the validate parameter of the "I forgot my Password!" feature...

Sql injection

CubeCart before 6.1.13 has SQL Injection via the validate parameter of the "I forgot my Password!" feature...

privacyIDEA Improper Input Validation vulnerability

privacyIDEA version 2.23.1 and earlier contains a Improper Input Validation vulnerability in token validation api that can result in Denial-of-Service. This attack appear to be exploitable via http request with user=&pass= to /validate/check url. This vulnerability appears to have been fixed in...

SRC-2019-0002 : Foxit Reader SDK ActiveX Pro TextBox Field Validate Use-After-Free Remote Code Execution Vulnerability

Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader SDK ActiveX Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific...

Atlassian Jira Authenticated Upload Code Execution Exploit

This Metasploit module can be used to execute a payload on Atlassian Jira via the Universal Plugin ManagerUPM. The module requires valid login credentials to an account that has access to the plugin manager. The payload is uploaded as a JAR archive containing a servlet using a POST request agains...

CVE-2018-17619

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...