In ImageMagick 7.0.6-10, a NULL Pointer Dereference issue is present in the ReadCUTImage function in coders/cut.c that could allow an attacker to cause a Denial of Service (in the QueueAuthenticPixelCacheNexus function within...
Read MoreIn FFmpeg 3.3.3, a DoS in cine_read_header() due to lack of an EOF check might cause huge CPU and memory consumption. When a crafted CINE file, which claims a large “duration” field in the header but does not contain...
Read MoreMultiple untrusted search path vulnerabilities in installer in Synology Cloud Station Drive before 4.2.5-4396 on Windows allows local attackers to execute arbitrary code and conduct DLL hijacking attack via a Trojan horse (1)...
Read MoreBlackCat CMS 1.2 allows remote authenticated users to inject arbitrary PHP code into info.php via a crafted new_modulename parameter to backend/addons/ajax_create.php. NOTE: this can be exploited via CSRF.
Read MoreIn BlackCat CMS 1.2, remote authenticated users can upload any file via the media upload function in backend/media/ajax_upload.php, as demonstrated by a ZIP archive that contains a .php file.
Read More