Because strcat is misused, there is a stack-based buffer overflow that does not require authentication.Īn issue was discovered in LATRIX 0.6.0. Redmine before 4.0.8 and 4.1.x before 4.1.2 allows attackers to bypass the add_issue_notes permission requirement by leveraging the Issues API.Ĭomposr 10.0.36 allows upload and execution of PHP files.Īn issue was discovered in prog.cgi on D-Link DIR-878 1.30B08 devices. state is not validated to be two letters, and the OrderBy field is not validated to be one of LASTNAME, CITY, or STATE. ![]() There is a SQL Injection vulnerability in PHP-Nuke 8.3.3 in the User Registration section, leading to remote code execution. A user-provided Read instance receives an uninitialized memory buffer from KeyValueReader. clone panic.Īn issue was discovered in the outer_cgi crate before 0.2.1 for Rust. A double free can occur in IdMap::clone_from upon a. ![]() ![]() A double free can occur in get_or_insert upon a panic of a user-provided f function.Īn issue was discovered in the id-map crate through for Rust. A double free can occur in remove_set upon a panic in a Drop impl.Īn issue was discovered in the id-map crate through for Rust. ![]() An issue was discovered in the id-map crate through for Rust.
0 Comments
Leave a Reply. |