CVE-2018-10704
yidashi yii2cmf 2.0 has XSS via the /search q parameter.
Source: CVE-2018-10704
[월:] 2020년 03월
CVE-2017-18350
CVE-2017-18350
bitcoind and Bitcoin-Qt prior to 0.15.1 have a stack-based buffer overflow if an attacker-controlled SOCKS proxy server is used. This results from an integer signedness error when the proxy server responds with an acknowledgement of an unexpected target domain name.
Source: CVE-2017-18350
CVE-2018-19516
CVE-2018-19516
messagepartthemes/default/defaultrenderer.cpp in messagelib in KDE Applications before 18.12.0 does not properly restrict the handling of an http-equiv="REFRESH" value.
Source: CVE-2018-19516
CVE-2019-11355
CVE-2019-11355
An issue was discovered in Poly (formerly Polycom) HDX 3.1.13. A feature exists that allows the creation of a server / client certificate, or the upload of the user certificate, on the administrator’s page. The value received from the user is the factor value of a shell script on the equipment. By entering a special character (such as a single quote) in a CN or other CSR field, one can insert a command into a factor value. A system command can be executed as root.
Source: CVE-2019-11355
CVE-2019-11343
CVE-2019-11343
Torpedo Query before 2.5.3 mishandles the LIKE operator in ConditionBuilder.java, LikeCondition.java, and NotLikeCondition.java.
Source: CVE-2019-11343
CVE-2018-20586
CVE-2018-20586
bitcoind and Bitcoin-Qt prior to 0.17.1 allow injection of arbitrary data into the debug log via an RPC call.
Source: CVE-2018-20586
CVE-2015-3641
CVE-2015-3641
bitcoind and Bitcoin-Qt prior to 0.10.2 allow attackers to cause a denial of service (disabled functionality such as a client application crash) via an "Easy" attack.
Source: CVE-2015-3641
CVE-2020-5961
CVE-2020-5961
NVIDIA vGPU graphics driver for guest OS contains a vulnerability in which an incorrect resource clean up on a failure path can impact the guest VM, leading to denial of service.
Source: CVE-2020-5961
CVE-2020-5959
CVE-2020-5959
NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in the vGPU plugin in which an input index value is incorrectly validated which may lead to denial of service.
Source: CVE-2020-5959
CVE-2020-5960
CVE-2020-5960
NVIDIA Virtual GPU Manager contains a vulnerability in the kernel module (nvidia.ko), where a null pointer dereference may occur, which may lead to denial of service.
Source: CVE-2020-5960