CVE-2012-5389
NULL Pointer Dereference in PowerTCP WebServer for ActiveX 1.9.2 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted HTTP request.
Source: CVE-2012-5389
[월:] 2020년 01월
CVE-2012-5340
CVE-2012-5340
SumatraPDF 2.1.1/MuPDF 1.0 allows remote attackers to cause an Integer Overflow in the lex_number() function via a corrupt PDF file.
Source: CVE-2012-5340
CVE-2020-7941
CVE-2020-7941
A privilege escalation issue in plone.app.contenttypes in Plone 4.3 through 5.2.1 allows users to PUT (overwrite) some content without needing write permission.
Source: CVE-2020-7941
CVE-2020-7940
CVE-2020-7940
Missing password strength checks on some forms in Plone 4.3 through 5.2.0 allow users to set weak passwords, leading to easier cracking.
Source: CVE-2020-7940
CVE-2020-7939
CVE-2020-7939
SQL Injection in DTML or in connection objects in Plone 4.0 through 5.2.1 allows users to perform unwanted SQL queries. (This is a problem in Zope.)
Source: CVE-2020-7939
CVE-2020-7938
CVE-2020-7938
plone.restapi in Plone 5.2.0 through 5.2.1 allows users with a certain privilege level to escalate their privileges up to the highest level.
Source: CVE-2020-7938
CVE-2020-7937
CVE-2020-7937
An XSS issue in the title field in Plone 5.0 through 5.2.1 allows users with a certain privilege level to insert JavaScript that will be executed when other users access the site.
Source: CVE-2020-7937
CVE-2020-7936
CVE-2020-7936
An open redirect on the login form (and possibly other places) in Plone 4.0 through 5.2.1 allows an attacker to craft a link to a Plone Site that, when followed, and possibly after login, will redirect to an attacker’s site.
Source: CVE-2020-7936
CVE-2019-19898
CVE-2019-19898
In IXP EasyInstall 6.2.13723, there are cleartext credentials in network communication on TCP port 20050 when using the Administrator console remotely.
Source: CVE-2019-19898
CVE-2015-5333
CVE-2015-5333
Memory leak in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service (memory consumption) via a large number of ASN.1 object identifiers in X.509 certificates.
Source: CVE-2015-5333