6 matches found
Astra Linux – Vulnerability in node-loader-utils
A prototype pollution vulnerability exists in the parseQuery function in parseQuery.js, within the webpack-loader-utils module. This issue affects all versions prior to 1.4.1 and 2.0.3...
CVE-2026-1554
XML Injection aka Blind XPath Injection vulnerability in Drupal Central Authentication System CAS Server allows Privilege Escalation.This issue affects Central Authentication System CAS Server: from 0.0.0 before 2.0.3, from 2.1.0 before 2.1.2...
servst 路径遍历漏洞
servst is a simple file server by the individual developer Andrey Polischuk. A security vulnerability exists in servst versions prior to 2.0.3, which stems from the mishandling of the filePath variable that allows an attacker to implement directory traversal...
PT-2022-17233
Name of the Vulnerable Software and Affected Versions set-in versions prior to 2.0.3 Description The issue allows an attacker to perform Prototype Pollution via the setIn method, enabling them to merge object prototypes into it. This problem stems from an incomplete fix of a previous issue...
CVE-2016-8016
Information exposure in Intel Security VirusScan Enterprise Linux VSEL 2.0.3 and earlier allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a URL parameter...
UBUNTU-CVE-2016-4082
epan/dissectors/packet-gsmcbch.c in the GSM CBCH dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 uses the wrong variable to index an array, which allows remote attackers to cause a denial of service out-of-bounds access and application crash via a crafted packet...