5 matches found
CVE-2021-32198
EmTec ZOC through 8.02.4 allows remote servers to cause a denial of service (Windows GUI hang) by telling the ZOC window to change its title repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls. In other words, it does not implement a usleep or similar delay upon...
PuTTY security vulnerability
PuTTY is a suite of free Telnet, Rlogin and SSH client software from the individual developer Simon Tatham. The software is primarily used for remote administration of Linux systems. A security vulnerability exists in PuTTY versions prior to 0.75, which stems from allowing a remote server to caus...
PT-2021-4283 · Putty +1
Name of the Vulnerable Software and Affected Versions: PuTTY versions prior to 0.75
Description: The issue allows remote servers to cause a denial of service by repeatedly changing the PuTTY window title at high speed, resulting in many SetWindowTextA or SetWindowTextW calls. This can cause the...
The vulnerability of the MantisBT error tracking system allows a hacker to execute arbitrary HTML or JavaScript code.
The vulnerability of the MantisBT error tracking system’s component exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary HTML or JavaScript code through changes to the windowtitle element...
Improper Input Validation
Overview: Affected versions of this package are vulnerable to Improper Input Validation. WEBrick 1.3.1 in Ruby 1.8.6 through patchlevel 383, 1.8.7 through patchlevel 248, 1.8.8dev, 1.9.1 through patchlevel 376, and 1.9.2dev writes data to a log file without sanitizing non-printable characters, whi...