BA SYSTEMS BAS Web on BAS920 devices (with Firmware 01.01.00*, HTTPserv 00002, and Script 02.*) and ISC2000 devices allows remote attackers to obtain sensitive information via a request for isc/get_sid_js.aspx or isc/get_sid.aspx, as demonstrated...
** DISPUTED ** In LibTIFF 4.0.8, there is a heap-based use-after-free in the t2p_writeproc function in tiff2pdf.c. NOTE: there is a third-party report of inability to reproduce this issue. Date published : 2017-12-29 http://www.securityfocus.com/bid/102331...
The test_sql_and_script_inject function in htdocs/main.inc.php in Dolibarr ERP/CRM 6.0.4 blocks some event attributes but neither onclick nor onscroll, which allows XSS. Date published : 2017-12-29 https://github.com/Dolibarr/dolibarr/issues/8000
A buffer overflow vulnerability in NetTransport.exe in NetTransport Download Manager 2.96L and earlier could allow remote HTTP servers to execute arbitrary code on NAS devices via a long HTTP response. Date published : 2017-12-29...
cgi/surgeftpmgr.cgi (aka the Web Manager interface on TCP port 7021 or 9021) in NetWin SurgeFTP version 23f2 has XSS via the classid, domainid, or username parameter. Date published : 2017-12-29 https://packetstormsecurity.com/files/145572/NetWin-SurgeFTP-23f2-Cross-Site-Scripting.html
** DISPUTED ** SQL injection vulnerability in the ‘reorder’ method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the ‘name’ parameter. NOTE: The vendor disputes this...
** DISPUTED ** SQL injection vulnerability in the ‘order’ method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the ‘id desc’ parameter. NOTE: The vendor disputes...
** DISPUTED ** SQL injection vulnerability in the ‘where’ method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the ‘id’ parameter. NOTE: The vendor disputes this...
** DISPUTED ** SQL injection vulnerability in the ‘find_by’ method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the ‘name’ parameter. NOTE: The vendor disputes this...
On Hoermann BiSecur devices before 2018, a vulnerability can be exploited by recording a single radio transmission. An attacker can intercept an arbitrary radio frame exchanged between a BiSecur transmitter and a receiver to...
ZyXEL P-660HW v3 devices allow remote attackers to cause a denial of service (CPU consumption) via a flood of IP packets with a TTL of 1. Date published : 2017-12-29 https://www.zyxel.com/support/announcement_denial_of_service.shtml http://packetstormsecurity.com/files/145548/ZyXEL-P-660HW-TTL-Expiry-Denial-Of-Service.html
OpenCV 3.3.1 has a Buffer Overflow in the cv::PxMDecoder::readData function in grfmt_pxm.cpp, because an incorrect size value is used. Date published : 2017-12-29 http://www.securityfocus.com/bid/102974 https://github.com/opencv/opencv/issues/10351
Cross-site scripting (XSS) vulnerability in the _keyify function in mistune.py in Mistune before 0.8.1 allows remote attackers to inject arbitrary web script or HTML by leveraging failure to escape the "key" argument. Date published...
Previous versions of Apache Flex BlazeDS (4.7.2 and earlier) did not restrict which types were allowed for AMF(X) object deserialization by default. During the deserialization process code is executed that for several known types...