Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2021-40371: Request Management - Gridpro

Gridpro Request Management for Windows Azure Pack before 2.0.7912 allows Directory Traversal for remote code execution, as demonstrated by …\ in a scriptName JSON value to ServiceManagerTenant/GetVisibilityMap.

CVE
#windows#js

Related news

GridPro Request Management For Windows Azure Pack 2.0.7905 Directory Traversal

GridPro Request Management for Windows Azure Pack versions 2.0.7905 and below suffer from a traversal vulnerability that can allow for arbitrary execution of Powershell scripts.

CVE-2020-19609: git.ghostscript.com Git - mupdf.git/commit

Artifex MuPDF before 1.18.0 has a heap based buffer over-write in tiff_expand_colormap() function when parsing TIFF files allowing attackers to cause a denial of service.

CVE-2021-3287: Read me | OpManager Help

Zoho ManageEngine OpManager before 12.5.329 allows unauthenticated Remote Code Execution due to a general bypass in the deserialization class.

CVE-2021-30123: git.videolan.org Git - ffmpeg.git/commitdiff

FFmpeg <=4.3 contains a buffer overflow vulnerability in libavcodec through a crafted file that may lead to remote code execution.

CVE-2018-10289: 699271 – Infinite Loop in fz_skip_space (source/pdf/pdf-xref.c)

In MuPDF 1.13.0, there is an infinite loop in the fz_skip_space function of the pdf/pdf-xref.c file. A remote adversary could leverage this vulnerability to cause a denial of service via a crafted pdf file.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907