A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in validate-color v2.1.0 when handling crafted invalid rgb(a) strings.Read More ...
Continue Reading24 июня, 2022
An issue in gimp_layer_invalidate_boundary of GNOME GIMP 2.10.30 allows attackers to trigger an unhandled exception via a crafted XCF file, causing a Denial of Service (DoS).Read More ...
Continue Reading24 июня, 2022
A CWE-668 Exposure of Resource to Wrong Sphere vulnerability exists that could cause users to be misled, hiding alarms, showing the wrong server connection option or the wrong control request when a m ...
Continue Reading24 июня, 2022
The authentication checks of the MELAG FTP Server in version 2.2.0.4 are incomplete, which allows a remote attacker to access local files only by using a valid username.Read More ...
Continue Reading24 июня, 2022
MELAG FTP Server 2.2.0.4 stores unencrpyted passwords of FTP users in a local configuration file.Read More ...
Continue Reading24 июня, 2022
In OpenCart 1.4.7 to 1.5.5.1, implemented anti-traversal code in filemanager.php is ineffective and can be bypassed.Read More ...
Continue Reading24 июня, 2022
In WordPress Plugin User Photo 0.9.4, when a photo is uploaded, it is only partially validated and it is possible to upload a backdoor on the server hosting WordPress. This backdoor can be called (exe ...
Continue Reading24 июня, 2022
A malicious authenticated SMG administrator user can obtain passwords for external LDAP/Active Directory servers that they might not otherwise be authorized to access.Read More ...
Continue Reading24 июня, 2022
Back to Main