![]() The PNM loader incorrectly interpreted 16-bit PGM files as 8-bit when converting to RGBA, leading to a buffer overflow when later reinterpreting the result as a 16-bit buffer. dat files (containing serialized Python objects) via directory traversal, leading to code execution.Īn issue was discovered in stb stb_image.h 2.27. ![]() NOTE: this issue exists because of an incomplete fix for CVE-2020-28328.īabel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale. In certain circumstances involving admin account takeover, logger_file_name can refer to an attacker-controlled PHP file under the web root, because only the all-lowercase PHP file extensions were blocked. ![]() SuiteCRM before 7.11.19 allows remote code execution via the system settings Log File Name setting.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |