Security Information and News
Security
accellion — file_transfer_appliance Accellion File Transfer Appliance before FTA_9_11_210 allows remote attackers to execute arbitrary code via shell metacharacters in the oauth_token parameter. 2017-08-22 not yet calculated CVE-2015-2857MISCMISCMISCEXPLOIT-DB apache —…
adobe — flash An Out-of-bounds Read issue was discovered in Adobe Flash Player before 28.0.0.137. This vulnerability occurs because of computation that reads data that is past the end of…
3par — service_processor A security vulnerability was identified in 3PAR Service Processor (SP) prior to SP-4.4.0.GA-110(MU7). The vulnerability may be exploited remotely to allow cross-site request forgery. 2018-08-14 not yet…
apache — hive In Apache Hive 2.3.3, 3.1.0 and earlier, local resources on HiveServer2 machines are not properly protected against malicious user if ranger, sentry or sql standard authorizer is…
afian — filerun FileRun 2019.05.21 allows XSS via the filename to the ?module=fileman§ion=do&page=up URI. 2019-06-20 4.3 CVE-2019-12905MISC alpinelinux — abuild Alpine Linux abuild through 3.4.0 allows an unprivileged member of…
3s-smart — multiple_codesys_products 3S-Smart CODESYS SP Realtime NT before V2.3.7.28, CODESYS Runtime Toolkit 32 bit full before V2.4.7.54, and CODESYS PLCWinNT before V2.4.7.54 allow a NULL pointer dereference. 2019-12-20 not…
oracle — graalvm_enterprise_edition Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: Tools). Supported versions that are affected are 19.3.1 and 20.0.0. Difficult to exploit vulnerability allows…
arris — ruckus_wireless_unleashed webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to cause a denial of service (Segmentation fault) to the webserver via an unauthenticated crafted HTTP…
activerecord-session_store — activerecord-session_store The activerecord-session_store (aka Active Record Session Store) component through 1.1.3 for Ruby on Rails does not use a constant-time approach when delivering information about whether a guessed…
afian — filerun FileRun 2019.05.21 allows XSS via the filename to the ?module=fileman§ion=do&page=up URI. 2019-06-20 4.3 CVE-2019-12905MISC alpinelinux — abuild Alpine Linux abuild through 3.4.0 allows an unprivileged member of…