Stack-based buffer overflow in the ipv6_addr_from_str function in sys/net/network_layer/ipv6/addr/ipv6_addr_from_str.c in RIOT prior to 2017-04-25 allows local attackers, and potentially remote attackers, to cause a denial of...
Read MoreArtifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via a “/OutputFile (%pipe%” substring in a crafted .eps document that is an input to the gs program, as exploited in the wild...
Read MoreHDFS clients interact with a servlet on the DataNode to browse the HDFS namespace. The NameNode is provided as a query parameter that is not validated in Apache Hadoop before 2.7.0.
Read MoreThe HDFS web UI in Apache Hadoop before 2.7.0 is vulnerable to a cross-site scripting (XSS) attack through an unescaped query parameter.
Read MoreIBM WebSphere Commerce Enterprise, Professional, Express, and Developer 8.0 could allow a local user to hijack a user’s session. IBM X-Force ID: 123230.
Read More