Moodle edit_blog.php Server-Side Request Forgery Vulnerability [CVE-2019-6970]

CVE Number – CVE-2019-6970 A vulnerability in the edit_blog.php script of Moodle could allow an authenticated, remote attacker to perform a server-side

Read more

Artifex Software Ghostscript DefineResource dSAFER Security Bypass Vulnerability [CVE-2019-3838]

CVE Number – CVE-2019-3838 A vulnerability in Artifex Software Ghostscript could allow an unauthenticated, remote attacker to bypass security restrictions

Read more

Artifex Software Ghostscript superexec -dSAFER Security Bypass Vulnerability [CVE-2019-3835]

CVE Number – CVE-2019-3835 A vulnerability in Artifex Software Ghostscript could allow an unauthenticated, remote attacker to bypass security restrictions

Read more

Drupal Core – Cross Site Scripting

Under certain circumstances the File module/subsystem allows a malicious user to upload a file that can trigger a cross-site scripting

Read more

Info-ZIP UnZip zipinfo.c Denial of Service Vulnerability [CVE-2016-9844]

CVE Number – CVE-2016-9844 A vulnerability in the zi_short function of Info-Zip UnZip could allow a local attacker to cause a denial

Read more

libssh2 SSH Packet Processing Out-of-Bounds Read Vulnerability [CVE-2019-3861]

CVE Number – CVE-2019-3861 A vulnerability in libssh2 could allow an unauthenticated, remote attacker to access sensitive information or cause

Read more

libssh2 SFTP Packet Processing Zero Byte Allocation Out-of-Bounds Read Vulnerability [CVE-2019-3858]

CVE Number – CVE-2019-3858 A vulnerability in the sftp_packet_read function of libssh2 could allow an unauthenticated, remote attacker to access sensitive information

Read more

libssh2 SSH_MSG_CHANNEL_REQUEST Packet Handling Out-of-Bounds Read Vulnerability [CVE-2019-3862]

CVE Number – CVE-2019-3862 A vulnerability in libssh2 could allow an unauthenticated, remote attacker to access sensitive information or cause

Read more

libssh2 Keyboard Interactive Response Messages Integer Overflow Vulnerability [CVE-2019-3863]

CVE Number – CVE-2019-3863 A vulnerability in libssh2 could allow an unauthenticated, remote attacker to execute arbitrary code or cause

Read more

HashiCorp Consul Token Privilege Escalation Vulnerability [CVE-2019-8336]

CVE Number – CVE-2019-8336 A vulnerability in HashiCorp Consul could allow an unauthenticated, remote attacker to bypass access restrictions on

Read more
%d bloggers like this: