A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, remote attacker to cause a queue wedge on a leaf switch, which could result in critical control plane traffic to the device being dropped. This could result in one or more leaf switches being removed from…
Exposure of Sensitive Information to an Unauthorized Actor in PoDoFo v0.9.6 allows attackers to obtain sensitive information via 'IsNextToken' in the component 'src/base/PdfToenizer.cpp'. Devamını Oku
Buffer Overflow in Netwide Assembler (NASM) v2.15.xx allows attackers to cause a denial of service via 'crc64i' in the component 'nasmlib/crc64'. This issue is different than CVE-2019-7147. Devamını Oku
Buffer Overflow in Tcpreplay v4.3.2 allows attackers to cause a Denial of Service via the 'do_checksum' function in 'checksum.c'. It can be triggered by sending a crafted pcap file to the 'tcpreplay-edit' binary. This issue is different than CVE-2019-8381. Devamını Oku
Stack-based Buffer Overflow in PoDoFo v0.9.6 allows attackers to cause a denial of service via the component 'src/base/PdfDictionary.cpp:65'. Devamını Oku
The AP4_CttsAtom class in Core/Ap4CttsAtom.cpp in Bento4 1.5.1.0 allows remote attackers to cause a denial of service (application crash), related to a memory allocation failure, as demonstrated by mp2aac. Devamını Oku
The AP4_CttsAtom class in Core/Ap4CttsAtom.cpp in Bento4 1.5.1.0 allows remote attackers to cause a denial of service (application crash), related to a memory allocation failure, as demonstrated by mp2aac. Devamını Oku
The plus/search.php component in DedeCMS 5.7 SP2 allows remote attackers to execute arbitrary PHP code via the typename parameter because the contents of typename.inc are under an attacker's control. Devamını Oku
EARCLINK ESPCMS-P8 was discovered to contain a SQL injection vulnerability in the espcms_web/Search.php component via the attr_array parameter. This vulnerability allows attackers to access sensitive database information. Devamını Oku
All versions of package startserver are vulnerable to Directory Traversal due to missing sanitization. Devamını Oku
The package joplin before 2.3.2 are vulnerable to Cross-site Request Forgery (CSRF) due to missing CSRF checks in various forms. Devamını Oku
All versions of package transpile are vulnerable to Denial of Service (DoS) due to a lack of input sanitization or whitelisting, coupled with improper exception handling in the .to() function. Devamını Oku