CVE-2016-10742
Zabbix before 2.2.21rc1, 3.x before 3.0.13rc1, 3.1.x and 3.2.x before 3.2.10rc1, and 3.3.x and 3.4.x before 3.4.4rc1 allows open redirect via the request parameter.
Source: CVE-2016-10742
[월:] 2019년 02월
CVE-2019-8343
CVE-2019-8343
In Netwide Assembler (NASM) 2.14.02, there is a use-after-free in paste_tokens in asm/preproc.c.
Source: CVE-2019-8343
CVE-2019-8341
CVE-2019-8341
An issue was discovered in Jinja2 2.10. The from_string function is prone to Server Side Template Injection (SSTI) where it takes the "source" parameter as a template object, renders it, and then returns it. The attacker can exploit it with {{INJECTION COMMANDS}} in a URI.
Source: CVE-2019-8341
CVE-2019-6589
CVE-2019-6589
On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.3, 12.1.0-12.1.3.7, and 11.6.0-11.6.3.2, a reflected Cross Site Scripting (XSS) vulnerability is present in an undisclosed page of the BIG-IP TMUI (Traffic Management User Interface) also known as the BIG-IP configuration utility.
Source: CVE-2019-6589
CVE-2018-6267
CVE-2018-6267
NVIDIA Tegra OpenMax driver (libnvomx) contains a vulnerability in which the software does not validate or incorrectly validates input that can affect the control flow or data flow of a program, which may lead to denial of service or escalation of privileges. Android ID: A-70857947.
Source: CVE-2018-6267
CVE-2018-6268
CVE-2018-6268
NVIDIA Tegra library contains a vulnerability in libnvmmlite_video.so, where referencing memory after it has been freed may lead to denial of service or possible escalation of privileges. Android ID: A-80433161.
Source: CVE-2018-6268
CVE-2018-6271
CVE-2018-6271
NVIDIA Tegra OpenMax driver (libnvomx) contains a vulnerability in which the software delivers extra data with the buffer and does not properly validated the extra data, which may lead to denial of service or escalation of privileges. Android ID: A-80198474.
Source: CVE-2018-6271
CVE-2018-19008
CVE-2018-19008
The TextEditor 2.0 in ABB CP400 Panel Builder versions 2.0.7.05 and earlier contain a vulnerability in the file parser of the Text Editor wherein the application doesn’t properly prevent the insertion of specially crafted files which could allow arbitrary code execution.
Source: CVE-2018-19008
CVE-2019-8337
CVE-2019-8337
In msmtp 1.8.2, when tls_trust_file has its default configuration, certificate-verification results are not properly checked.
Source: CVE-2019-8337
CVE-2019-5915
CVE-2019-5915
Open redirect vulnerability in OpenAM (Open Source Edition) 13.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted page.
Source: CVE-2019-5915