3 matches found
GNU Bison before 3.5.4 allows attackers to cause a denial of service (application crash). NOTE: there is a risk only if Bison is used with untrusted input, and an observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug reports were intended to show that a crash may occur in Bison itself, not that a crash may occur in code that is generated by Bison.
...
ProcessMaker 代码问题漏洞
ProcessMaker is a Php-written site builder for business process management BPM and workflow management from ProcessMaker Inc. in the United States. A security vulnerability exists in ProcessMaker versions prior to 3.5.4 that stems from improper handling of plugin uploads, which could lead to remo...
PT-2020-13708 · Phplist · Phplist
Name of the Vulnerable Software and Affected Versions: phpList versions prior to 3.5.4 Description: The issue allows for XSS attacks via the "/lists/admin/user.php" and "/lists/admin/users.php" API endpoints. This can potentially lead to malicious script execution. Recommendations: For versions...