An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer overflow in the function H5FD_sec2_read in H5FDsec2.c, related to HDmemset. Date published : 2018-07-10 https://github.com/TeamSeri0us/pocs/tree/master/hdf5
An issue was discovered in the HDF HDF5 1.8.20 library. There is a buffer over-read in H5O_chunk_deserialize in H5Ocache.c. Date published : 2018-07-10 https://github.com/TeamSeri0us/pocs/tree/master/hdf5
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer overflow in the function H5G_ent_decode in H5Gent.c. Date published : 2018-07-10 https://github.com/TeamSeri0us/pocs/tree/master/hdf5
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer overflow in the function H5FL_blk_malloc in H5FL.c. Date published : 2018-07-10 https://github.com/TeamSeri0us/pocs/tree/master/hdf5
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_link_decode in H5Olink.c. Date published : 2018-07-10 https://github.com/TeamSeri0us/pocs/tree/master/hdf5
An issue was discovered in the HDF HDF5 1.8.20 library. There is a memcpy parameter overlap in the function H5O_link_decode in H5Olink.c. Date published : 2018-07-10 https://github.com/TeamSeri0us/pocs/tree/master/hdf5
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_fill_old_decode in H5Ofill.c. Date published : 2018-07-10 https://github.com/TeamSeri0us/pocs/tree/master/hdf5
An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in the function H5F__accum_read in H5Faccum.c. Date published : 2018-07-10 https://github.com/TeamSeri0us/pocs/tree/master/hdf5
An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer over-read in the function H5F_addr_decode_len in H5Fint.c. Date published : 2018-07-10 https://github.com/TeamSeri0us/pocs/tree/master/hdf5
An issue was discovered in idreamsoft iCMS 7.0.9. XSS exists via the callback parameter in a public/api.php uploadpic request, bypassing the iWAF protection mechanism. Date published : 2018-07-10 https://github.com/idreamsoft/iCMS/issues/27
The MongoDB bson JavaScript module (also known as js-bson) versions 0.5.0 to 1.0.x before 1.0.5 is vulnerable to a Regular Expression Denial of Service (ReDoS) in lib/bson/decimal128.js. The flaw is triggered when the Decimal128.fromString()...
The "Firebase Cloud Messaging (FCM) + Advance Admin Panel" component supporting Firebase Push Notification on iOS (through 2017-10-26) allows SQL injection via the /advance_push/public/login username parameter. Date published : 2018-07-10 https://cxsecurity.com/issue/WLB-2018070096
edit_requests.php in yTakkar Instagram-clone through 2018-04-23 has XSS via an onmouseover payload because of an inadequate XSS protection mechanism based on preg_replace. Date published : 2018-07-10 https://www.exploit-db.com/exploits/45003/ https://cxsecurity.com/issue/WLB-2018070095
An issue has been found in Bento4 1.5.1-624. It is a SEGV in AP4_StszAtom::GetSampleSize in Core/Ap4StszAtom.cpp. Date published : 2018-07-10 https://github.com/axiomatic-systems/Bento4/issues/285