
71 matches found

SUSE CVE
added 2023/02/15 3:55 a.m. | 1 views

SUSE CVE-2020-16599

A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in _bfd_elf_get_symbol_version_string, as demonstrated in nm-new, that can cause a denial of service via a crafted file...

4 CVSS | 6.6 AI score | 0.01042 EPSS
Exploits 1 | References 19

ATTACKERKB
added 2022/07/17 5:15 p.m. | 2 views

CVE-2022-35861

pyenv 1.2.24 through 2.3.2 allows local users to gain privileges via a .python-version file in the current working directory. An attacker can craft a Python version string in .python-version to execute shims under their control. Shims are executables that pass a command along to a specific versio...

7.8 CVSS | 7.2 AI score | 0.00275 EPSS
Exploits 0 | References 2

OSV
added 2022/07/17 5:15 p.m. | 14 views

CVE-2022-35861

pyenv 1.2.24 through 2.3.2 allows local users to gain privileges via a .python-version file in the current working directory. An attacker can craft a Python version string in .python-version to execute shims under their control. Shims are executables that pass a command along to a specific versio...

7.8 CVSS | 7.2 AI score
Exploits 0 | References 1

CNVD
added 2020/12/23 12:0 a.m. | 1 views

GNU Binutils Code Problem Vulnerability

GNU Binutils (GNU Binary Utilities or binutils) is a set of programming language utility programs developed by the GNU community. The programs are primarily designed to work with target files in a variety of formats, and provide linkers, assemblers, and other tools for target files and archives. A...

5.5 CVSS | 7.2 AI score | 0.01042 EPSS
Exploits 1 | References 1

CNNVD
added 2020/12/09 12:0 a.m. | 3 views

GNU Binutils Code Problem Vulnerability

GNU Binutils (GNU Binary Utilities or binutils) is a set of programming language utility programs developed by the GNU community. The programs are primarily designed to work with target files in a variety of formats, and provide linkers, assemblers, and other tools for target files and archives. A...

5.5 CVSS | 6.7 AI score | 0.01042 EPSS
Exploits 1 | References 9

Oracle linux
added 2020/11/10 12:0 a.m. | 85 views

systemd security, bug fix, and enhancement update

239-40.0.1 - backport upstream pstore tmpfiles patch Orabug: 31420486 - udev rules: fix memory hot add and remove Orabug: 31310273 - fix to enable systemd-pstore.service Orabug: 30951066 - journal: change support URL shown in the catalog entries Orabug: 30853009 - fix to generate...

5.1 CVSS | 6.3 AI score | 0.00429 EPSS
Exploits 0

Microsoft KB
added 2019/08/06 7:0 a.m. | 156 views

July 9, 2019—KB4507452 (Monthly Rollup)

July 9, 2019—KB4507452 Monthly Rollup Customers who have applied KB4489887 or later Monthly Rollup Packages to Microsoft Server 2008 SP2 may notice a change to the operating system version string. The “build number” component of the version string increases by 1, and the revision number decreases...

9.3 CVSS | 7.7 AI score | 0.70966 EPSS
Exploits 9

Oracle linux
added 2019/02/15 12:0 a.m. | 93 views

docker-engine security update

17.06.2.ol-1.0.6 - update the version string of runc to show the CVE fixed 17.06.2.ol-1.0.4 - build using Go 1.10.8 - apply fix for runc CVE-2019-5736 17.06.2.ol-1.0.3 - spec: do not replace config files Jacob Wen Orabug: 28235986...

9.3 CVSS | 3.3 AI score | 0.9589 EPSS
Exploits 33

Talos
added 2018/10/31 12:0 a.m. | 544 views

Yi Technology Home Camera 27US Firmware 7z CRC Collision Vulnerability

Summary An exploitable code execution vulnerability exists in the firmware update functionality of the Yi Home Camera 27US 1.8.7.0D. A specially crafted 7-Zip file can cause a CRC collision, resulting in a firmware update and code execution. An attacker can insert an SDcard to trigger this...

7.6 CVSS | 6.9 AI score | 0.00586 EPSS
Exploits 1

NVD
added 2018/04/16 9:58 a.m. | 12 views

CVE-2018-10102

Before WordPress 4.9.5, the version string was not escaped in the get_the_generator function, and could lead to XSS in a generator tag...

6.1 CVSS | 6.1 AI score | 0.05259 EPSS
Exploits 0 | References 9

OSV
added 2018/04/16 9:58 a.m. | 20 views

CVE-2018-10102

Before WordPress 4.9.5, the version string was not escaped in the get_the_generator function, and could lead to XSS in a generator tag...

6.1 CVSS | 6.1 AI score
Exploits 0 | References 9

UbuntuCve
added 2018/04/16 9:58 a.m. | 23 views

CVE-2018-10102

Before WordPress 4.9.5, the version string was not escaped in the get_the_generator function, and could lead to XSS in a generator tag...

6.1 CVSS | 6.7 AI score | 0.05259 EPSS
Exploits 0 | References 5

Prion
added 2018/04/16 9:58 a.m. | 19 views

Design/Logic Flaw

Before WordPress 4.9.5, the version string was not escaped in the get_the_generator function, and could lead to XSS in a generator tag...

4.3 CVSS | 5.8 AI score | 0.05259 EPSS
Exploits 0 | References 9 | Affected Software 2

CNVD
added 2018/04/16 12:0 a.m. | 4 views

WordPress Cross-Site Scripting Vulnerability (CNVD-2018-08609)

WordPress is a blogging platform developed using the PHP language by the WordPress Software Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the generator tag in WordPress versions prior to 4.9.5, which...

6.1 CVSS | 6.1 AI score | 0.05259 EPSS
Exploits 0 | References 1

Cvelist
added 2018/04/14 1:0 p.m. | 23 views

CVE-2018-10102

Before WordPress 4.9.5, the version string was not escaped in the get_the_generator function, and could lead to XSS in a generator tag...

6 AI score | 0.05259 EPSS
Exploits 0 | References 9

Debian CVE
added 2018/04/14 1:0 p.m. | 24 views

CVE-2018-10102

Before WordPress 4.9.5, the version string was not escaped in the get_the_generator function, and could lead to XSS in a generator tag...

6.1 CVSS | 2.6 AI score | 0.05259 EPSS
Exploits 0

FreeBSD
added 2018/04/03 12:0 a.m. | 12 views

wordpress -- multiple issues

wordpress developers reports: Don't treat localhost as same host by default. Use safe redirects when redirecting the login page if SSL is forced. Make sure the version string is correctly escaped for use in generator tags...

0.7 AI score
Exploits 0 | References 1

RedhatCVE
added 2017/12/26 6:20 p.m. | 24 views

CVE-2017-17788

In GIMP 2.8.22, there is a stack-based buffer over-read in xcf_load_stream in app/xcf/xcf.c when there is no '\0' character after the version string...

5.5 CVSS | 4.3 AI score | 0.01127 EPSS
Exploits 0 | References 1

NVD
added 2017/12/20 9:29 a.m. | 18 views

CVE-2017-17788

In GIMP 2.8.22, there is a stack-based buffer over-read in xcf_load_stream in app/xcf/xcf.c when there is no '\0' character after the version string...

5.5 CVSS | 6.3 AI score | 0.01127 EPSS
Exploits 0 | References 5

OSV
added 2017/12/20 9:29 a.m. | 2 views

DEBIAN-CVE-2017-17788

In GIMP 2.8.22, there is a stack-based buffer over-read in xcf_load_stream in app/xcf/xcf.c when there is no '\0' character after the version string...

5.5 CVSS | 7.2 AI score | 0.01127 EPSS
Exploits 0 | References 1