Several buffer overflows when handling responses from a Gemsafe V1 Smartcard in gemsafe_get_cert_len in libopensc/pkcs15-gemsafeV1.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of...
Several buffer overflows when handling responses from a TCOS Card in tcos_select_file in libopensc/card-tcos.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service...
Several buffer overflows when handling responses from a Muscle Card in muscle_list_files in libopensc/card-muscle.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service...
An issue was discovered in Elefant CMS before 2.0.5. There is a CSRF vulnerability that can add an account via user/add. Date published : 2018-09-02 https://github.com/jbroadway/elefant/issues/285
ThinkPHP before 5.1.23 allows SQL Injection via the public/index/index/test/index query string. Date published : 2018-09-02 https://github.com/top-think/framework/issues/1375
A SQL injection bypass (aka PL1 bypass) exists in OWASP ModSecurity Core Rule Set (owasp-modsecurity-crs) through v3.1.0-rc3 via {`a`b} where a is a special function name (such as "if") and b is the SQL...
Netwide Assembler (NASM) 2.14rc15 has a buffer over-read in x86/regflags.c. Date published : 2018-09-02 https://bugzilla.nasm.us/show_bug.cgi?id=3392503 http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html
An issue was discovered in Ogma CMS 0.4 Beta. There is a CSRF vulnerability in users.php?action=createnew that can add an admin account. Date published : 2018-09-02 https://github.com/n00dles/ogma-CMS/issues/39
Ogma CMS 0.4 Beta has XSS via the "Footer Text footer" field on the "Theme/Theme Options" screen. Date published : 2018-09-02 https://github.com/n00dles/ogma-CMS/issues/38
An issue was discovered in OpenJPEG 2.3.0. A heap-based buffer overflow was discovered in the function t2_encode_packet in lib/openmj2/t2.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or...
An issue was discovered in OpenJPEG 2.3.0. Missing checks for header_info.height and header_info.width in the function pnmtoimage in bin/jpwl/convert.c can lead to a heap-based buffer overflow. Date published : 2018-09-02 http://www.securityfocus.com/bid/105266 https://github.com/uclouvain/openjpeg/issues/1126
Frog CMS 0.9.5 has stored XSS via /admin/?/plugin/comment/settings. Date published : 2018-09-02 https://github.com/philippe/FrogCMS/issues/14
Frog CMS 0.9.5 has an Upload vulnerability that can create files via /admin/?/plugin/file_manager/save. Date published : 2018-09-02 https://github.com/philippe/FrogCMS/issues/13
The issue was discovered in IdeaCMS through 2016-04-30. There is reflected XSS via the index.php?c=content&a=search kw parameter. NOTE: this product is discontinued. Date published : 2018-09-02 https://github.com/iechoo/ideacms/issues/1