10 matches found
Allocation of Resources Without Limits or Throttling
Overview: brotlicffi is a set of Python CFFI bindings to the Brotli library. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to missing limits on decompressed output size in the Decompressor.decompress and Decompressor.process methods. These...
SonicWALL Switch Command Injection Vulnerability
SonicWALL Switch is a switch from SonicWALL, Inc. An input validation error vulnerability exists in SonicWALL Switch versions prior to 1.2.0.0-3, which stems from insufficient validation of user-supplied input and can be exploited by a remote attacker to execute arbitrary code on the device...
Dynacolor FCM-MB40 Command Injection Vulnerability
Dynacolor FCM-MB40 is an IP camera from Dynacolor, Taiwan, China. A security vulnerability exists in the Dynacolor FCM-MB40 v1.2.0.0. A remote attacker can exploit the vulnerability to execute arbitrary code with the help of specially crafted parameters...
Dynacolor FCM-MB40 Trust Management Issues Vulnerability
Dynacolor FCM-MB40 is an IP camera from Dynacolor, Taiwan, China. A trust management issue vulnerability exists in the Dynacolor FCM-MB40 v1.2.0.0. The vulnerability stems from the lack of an effective trust management mechanism in the network system or product. An attacker can exploit default...
Charamin OMP Untrustworthy Search Path Vulnerability
Charamin OMP is a media player that automatically generates dance animations by analyzing music files. An untrustworthy search path vulnerability exists in Charamin OMP versions 1.1.7.4 and earlier and 1.2.0.0 Beta and earlier. An attacker can exploit this vulnerability to gain privileges with th...
JVN#09293613: Installer of Charamin OMP may insecurely load Dynamic Link Libraries
The installer of Charamin OMP provided by Charamin steering committee contains an issue with the DLL search path, which may lead to insecure loading of Dynamic Link Libraries (CWE-427). Impact: Arbitrary code may be executed with the privilege of the user invoking the installer. Solution: Use the latest...
CVE-2017-2190
Untrusted search path vulnerability in RW-4040 tool to verify execution environment for Windows 7 version 1.2.0.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...
Sharp RW-4040 for Windows Untrusted Search Path Vulnerability
Sharp RW-4040 for Windows is a tool for Windows-based IC card readers from Sharp Japan that can be used to verify the execution environment. An untrustworthy search path vulnerability exists in Sharp RW-4040 for Windows version 7 1.2.0.0. An attacker can exploit this vulnerability to gain...
Cross site request forgery (csrf)
socat 1.2.0.0 before 1.7.2.2 and 2.0.0-b1 before 2.0.0-b6, when used for a listen type address and the fork option is enabled, allows remote attackers to cause a denial of service (file descriptor consumption) via multiple requests that are refused based on the (1) sourceport, (2) lowport, (3) range, or (4)...
WordPress Plugin Annonces 1.2.0.0 - Remote File Inclusion
Exploit Title: Annonces Wordpress plugin RFI; Google Dork: inurl:wp-content/plugins/annonces; Date: 09/19/2011; Author: Ben Schmidt (supernothing AT spareclockcycles.org, @supernothing); Software Link:...