14 matches found
CVE-2023-22514
This High severity RCE (Remote Code Execution) vulnerability was introduced in version 3.4.14 of Sourcetree for Mac and Sourcetree for Windows. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 7.8, and a CVSS Vector of: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H which allows an...
GHSA-2R53-9295-3M86 Statamic CMS vulnerable to remote code execution via form uploads
Impact: Similar to another advisory, certain additional PHP files crafted to look like images may be uploaded regardless of mime type validation rules. This affects front-end forms using the "Forms" feature, and asset upload fields in the control panel. Patches: It has been patched in 3.4.14 and...
Input validation
Statamic is a flat-first, Laravel + Git powered CMS designed for building websites. In affected versions certain additional PHP files crafted to look like images may be uploaded regardless of mime type validation rules. This affects front-end forms using the "Forms" feature, and asset upload fiel...
Atlassian Sourcetree Remote Code Execution Vulnerability
Atlassian Sourcetree is a free Git and Mercurial client tool from Atlassian Australia that manages repositories using a visual interface. A remote code execution vulnerability exists in Atlassian Sourcetree version 3.4.14, which stems from a security flaw in a component or feature that allows an...
CVE-2021-4185 affecting package wireshark for versions less than 3.4.14-1
CVE-2021-4185 affecting package wireshark for versions less than 3.4.14-1. An upgraded version of the package is available that resolves this issue...
CVE-2021-22222 affecting package wireshark for versions less than 3.4.14-1
CVE-2021-22222 affecting package wireshark for versions less than 3.4.14-1. An upgraded version of the package is available that resolves this issue...
CVE-2022-0585 affecting package wireshark for versions less than 3.4.14-1
CVE-2022-0585 affecting package wireshark for versions less than 3.4.14-1. An upgraded version of the package is available that resolves this issue...
CVE-2021-39929 affecting package wireshark for versions less than 3.4.14-1
CVE-2021-39929 affecting package wireshark for versions less than 3.4.14-1. An upgraded version of the package is available that resolves this issue...
CVE-2021-22235 affecting package wireshark for versions less than 3.4.14-1
CVE-2021-22235 affecting package wireshark for versions less than 3.4.14-1. An upgraded version of the package is available that resolves this issue...
CVE-2021-39923 affecting package wireshark for versions less than 3.4.14-1
CVE-2021-39923 affecting package wireshark for versions less than 3.4.14-1. An upgraded version of the package is available that resolves this issue...
AZL-8612 CVE-2022-0581 affecting package wireshark for versions less than 3.4.14-1
Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file...
AZL-7412 CVE-2021-39924 affecting package wireshark for versions less than 3.4.14-1
Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file...
AZL-7411 CVE-2021-39923 affecting package wireshark for versions less than 3.4.14-1
Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file...
Apache ZooKeeper < 3.4.14, 3.5.0-alpha - 3.5.4-beta Information Disclosure Vulnerability
Apache ZooKeeper is prone to an information disclosure vulnerability. Copyright (C) 2019 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free...