Multiple integer overflows in the Pre-EFI Initialization (PEI) boot phase in the Capsule Update feature in the UEFI implementation in EDK2 allow physically proximate attackers to bypass intended access restrictions by providing crafted data that is not properly handled during the coalescing phase. GitLab EE 8.9 and later through 12.7.2 has Insecure Permission Integer overflow in the Drive Execution Environment (DXE) phase in the Capsule Update feature in the UEFI implementation in EDK2 allows physically proximate attackers to bypass intended access restrictions via crafted data. PhpList 3.5.0 allows type juggling for admin login bypass because = is used instead of = for password hashes, which mishandles hashes that begin with 0e followed by exclusively numerical characters.ĮG Manager 7.1.2 allows authentication bypass via a ?uname=admin&upass=&accessKey=eGm0n1t0r request.ĮG Manager 7.1.2 allows SQL Injection via the user parameter to com.eg.LoginHelperServlet (aka the Forgot Password feature).Įap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions. On the login page, if one sets a userInfo cookie with the value of admin+1+en (user+perms+lang), one can login as any user without a password. Nsak64.sys in Norman Malware Cleaner 2.08.08 allows users to call arbitrary kernel functions because the passing of function pointers between user and kernel mode is mishandled.Īn issue was discovered in phpABook 0.9 Intermediate. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy.
PlaySMS before 1.4.3 does not sanitize inputs from a malicious string.įlaw in input validation in npm package klona version 1.1.0 and earlier may allow prototype pollution attack that may result in remote code execution or denial of service of applications using klona.Ĭontrollers/page_apply.php in SJS through 1.66 is prone to unauthenticated Remote Code Execution by uploading a PHP script as a resume.Īn issue was discovered in Squid before 4.10.
Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.
0 kommentar(er)
