CVE-2020-35381
jsonparser 1.0.0 allows attackers to cause a denial of service (panic: runtime error: slice bounds out of range) via a GET call.
The Application Wrapper in Pearson VUE VTS Installer 2.3.1911 has Full Control permissions for Everyone in the “%SYSTEMDRIVE%\Pearson VUE” directory, which allows local users to obtain administrative privileges via a Trojan horse application.
An issue was discovered in Viki Vera 4.9.1.26180. A user without access to a project could download or upload project files by opening the Project URL directly in the browser after logging in.
An issue was discovered in the rocket crate before 0.4.5 for Rust. LocalRequest::clone creates more than one mutable reference to the same object, possibly causing a data race.
Posted by Egidio Romano on Jan 06 IPS Community Suite <= 4.5.4 (Downloads REST API) SQL Injection Vulnerability
Posted by malvuln on Jan 06 Discovery / credits: malvuln – Malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/79d9908b6769e64f922e74a090f5ceeb.txt Contact: malvuln13 () gmail
Posted by Balázs Hambalkó on Jan 06 Hi, Vendor: Files.com Product: Fat Client Tested version: 3.3.6 but newer version high
Posted by Aki Tuomi on Jan 06 Open-Xchange Security Advisory 2021-01-04 Product: Dovecot Vendor: OX Software GmbH Internal reference: DOP-2009
DrayTek Vigor2960 1.5.1 allows remote command execution via shell metacharacters in a toLogin2FA action to mainfunction.cgi.
Posted by Zinaida Benenson on Dec 29 The University of Erlangen-Nuremberg (Germany) is conducting a research study to test the
Posted by Mark E. Jeftovic on Dec 29 Is there a transposition typo in the Mac OSX version number? *Fixed
Posted by Reed Loden on Dec 25 Due to a process fail, this CVE ID was accidentally reused for another
Posted by CarolinaCon on Dec 25 We hope this email finds you well. This year has had its challenges and
Posted by Reed Loden on Dec 25 Due to a process fail, this CVE ID was accidentally reused for another
Posted by Ilia Shnaidman on Dec 25 [+] Credits: Ilia Shnaidman [+] @0x496c on Twitter [+] https://www.iliashn.com Vendor: ============= Philips
Posted by Jason Geffner on Dec 25 Thanks, Reed. I’ve updated the GitHub repository name to reflect this change. The
Posted by Asterisk Security Team on Dec 22 Asterisk Project Security Advisory – AST-2020-004 Product Asterisk Summary Remote crash in
Posted by Asterisk Security Team on Dec 22 Asterisk Project Security Advisory – AST-2020-003 Product Asterisk Summary Remote crash in
Posted by Moe Szyslak on Dec 21 Rocket.Chat has fixed a server-side path traversal vulnerability that may be abused to
Posted by houjingyi on Dec 21 Video and POC here : https://www.youtube.com/watch?v=hAPkSGxh9H0 When you open a project in android studio,
Posted by Adan Alvarez on Dec 21 Details ======= Subject: Local Privilege Escalation Product: SUPREMO by Nanosystems S.r.l. Vendor Homepage: