An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing crafted a XML file, performs incorrect memory handling, leading to a heap-based buffer over-read in the "normalize line endings" feature....
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing a crafted XML file, performs incorrect memory handling, leading to NULL pointer dereference while running strlen() on a NULL pointer....
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_ent_ok() mishandles recursion, leading to stack consumption for a crafted XML file. Date published : 2019-12-31 https://sourceforge.net/p/ezxml/bugs/20/
In Nagios XI 5.6.9, an authenticated user is able to execute arbitrary OS commands via shell metacharacters in the id parameter to schedulereport.php, in the context of the web-server user account. Date published :...
In Pure-FTPd 1.0.49, a stack exhaustion issue was discovered in the listdir function in ls.c. Date published : 2019-12-31 https://lists.fedoraproject.org/archives/list/[email protected]/message/PICL3U2J4EPGBLOE555Y5RAZTQL3WBBV/ https://lists.fedoraproject.org/archives/list/[email protected]/message/AHZG5FPCRMCB6Z3L7FPICC6BZ5ZATFTO/
Avira Free Antivirus 15.0.1907.1514 is prone to a local privilege escalation through the execution of kernel code from a restricted user. Date published : 2019-12-31 https://support.avira.com/hc/en-us/articles/360000109798-Avira-Antivirus-for-Windows
The GOsa_Filter_Settings cookie in GONICUS GOsa 2.7.5.2 is vulnerable to PHP objection injection, which allows a remote authenticated attacker to perform file deletions (in the context of the user account that runs the web...
The Java API in accesuniversitat.gencat.cat 1.7.5 allows remote attackers to get personal information of all registered students via several API endpoints. Date published : 2019-12-31 https://vulnz.avm99963.com/T15
** DISPUTED ** OutSystems Platform 10 through 11 allows ImageResourceDetail.aspx CSRF for content modifications and file uploads. NOTE: The product is self-hosted by the customer, even though it has a *.outsystemsenterprise.com domain name.) NOTE:...
An issue was discovered in Sylius products. Missing input sanitization in sylius/sylius 1.0.x through 1.0.18, 1.1.x through 1.1.17, 1.2.x through 1.2.16, 1.3.x through 1.3.11, and 1.4.x through 1.4.3 and sylius/grid 1.0.x through 1.0.18, 1.1.x...
An issue was discovered in MailStore Server (and Service Provider Edition) 9.x through 11.x before 11.2.2. When the directory service (for synchronizing and authenticating users) is set to Generic LDAP, an attacker is able...
openITCOCKPIT before 3.7.1 has reflected XSS in the 404-not-found component. Date published : 2019-12-31 https://openitcockpit.io/2019/05/21/openitcockpit-3-7-1-released/ https://openitcockpit.io/security/
The isearch package (textproc/isearch) before 1.47.01nb1 uses the tempnam() function to create insecure temporary files into a publicly-writable area (/tmp). Date published : 2019-12-30 http://gnats.netbsd.org/47360 http://www.openwall.com/lists/oss-security/2012/12/21/2
A denial of service flaw was found in the way the server component of Freeciv before 2.3.4 processed certain packets. A remote attacker could send a specially-crafted packet that, when processed would lead to...