CVE-2020-35542
Unisys Data Exchange Management Studio through 5.0.34 doesn't sanitize the input to a HTML document field. This could be used for an XSS attack. Devamını Oku
Devamını oku
CVE-2020-17517
The S3 buckets and keys in a secure Apache Ozone Cluster must be inaccessible to anonymous access by default. The current security vulnerability allows access to keys and buckets through a curl command or an unauthenticated HTTP request. This enables unauthorized access to buckets and keys thereby exposing data to anonymous clients or users. This…
CVE-2019-25031
Unbound before 1.9.5 allows configuration injection in create_unbound_ad_servers.sh upon a successful man-in-the-middle attack against a cleartext HTTP session. Devamını Oku
CVE-2019-25032
Unbound before 1.9.5 allows an integer overflow in the regional allocator via regional_alloc. Devamını Oku
CVE-2019-25033
Unbound before 1.9.5 allows an integer overflow in the regional allocator via the ALIGN_UP macro. Devamını Oku
CVE-2019-25034
Unbound before 1.9.5 allows an integer overflow in sldns_str2wire_dname_buf_origin, leading to an out-of-bounds write. Devamını Oku
CVE-2019-25035
Unbound before 1.9.5 allows an out-of-bounds write in sldns_bget_token_par. Devamını Oku
CVE-2019-25036
Unbound before 1.9.5 allows an assertion failure and denial of service in synth_cname. Devamını Oku
CVE-2019-25037
Unbound before 1.9.5 allows an assertion failure and denial of service in dname_pkt_copy via an invalid packet. Devamını Oku
CVE-2019-25038
Unbound before 1.9.5 allows an integer overflow in a size calculation in dnscrypt/dnscrypt.c. Devamını Oku
CVE-2019-25039
Unbound before 1.9.5 allows an integer overflow in a size calculation in respip/respip.c. Devamını Oku
CVE-2019-25040
Unbound before 1.9.5 allows an infinite loop via a compressed name in dname_pkt_copy. Devamını Oku