Microsoft Edge Chakra accesses uninitialized pointers in StackScriptFunction::BoxState::Box.
c3dd2ea0e712669479d2aa22890d91c996500f2404810f48866a0657a23d0993
The "String.prototype.replace" method can be inlined in the JIT process. So in the method, all the calls which may break the JIT assumptions must be invoked with updating "ImplicitCallFlags". But "RegexHelper::StringReplace" calls the replace function without updating the flag. Therefore it fails to detect if a user function was called.
6c4259839de11f0d96f33fa01fc2246725c92d13a8e640c34e3ea19ed893ffcd
Microsoft Edge Chakra JIT compiler creates incorrect GenerateBailOut calling patterns.
c3a94eb581652bd3601d89fe9f3bccfc65bf2f5b30dccc9db74b9516daac3bfc
The enlightened lockdown policy check for COM Class instantiation can be bypassed in MSHTML hosts leading to arbitrary code execution on a system with UMCI enabled (e.g. Device Guard).
9712057287ac930a735ce61231cfc9d8ca34030fa8ad189ecf196bc27cdeabe2
Shadowsocks-libev version 3.1.0 suffers from a remote command execution vulnerability.
8aa4d9bfa1fdc7daf2bf705d5487612abef1c1807139246be24fa5f0b84b9113
Several issues have been identified, which allow attackers to manipulate log files, execute commands and to brute force Shadowsocks with enabled autoban.py brute force detection. Brute force detection from autoban.py does not work with suggested tail command. The key of captured Shadowsocks traffic can be brute forced. The latest commit 2ab8c6b on Sep 6, 2017 is affected.
c64eed8300f6f6714169306d2895cc8ef0dff3acc98056115f385ce1201d0c24
AlienVault USM version 5.4.2 suffers from a cross site request forgery vulnerability.
b5e6ee31b1a3e5fd0aa449ccfe7c7f88fc5ec5d1636f74a41f4ea05671f70da8
Opentext Documentum Content Server (formerly known as EMC Documentum Content Server) does not properly validate input of the PUT_FILE RPC command which allows any authenticated user to hijack arbitrary file from the Content Server filesystem. Because some files on the Content Server filesystem are security-sensitive this security flaw leads to privilege escalation.
782b07d542a51cfa91ec48aaeb81da9325c12c927c3fc47bd2cfa87f5e741c19
Opentext Documentum Content Server (formerly known as EMC Documentum Content Server) contains a design gap that allows any authenticated user the ability to replace content of security-sensitive dmr_content objects (for example, dmr_content related to dm_method objects) and gain superuser privileges.
ac7c57e364c48ad77e9244ef5c906a10bfe022c7af7f5697dd095c5d81ee4d9c
Opentext Documentum Content Server (formerly known as EMC Documentum Content Server) contains a design gap that allows authenticated user to download arbitrary content files regardless of the attacker's repository permissions.
24c6a20d38acd4191fcc54a1c86e6f583c30b30ff4b31be01f81bdcfb2155a80
Opentext Documentum Content Server (formerly known as EMC Documentum Content Server) allows for privilege escalation via traversal attacks leveraged through uploaded tar files.
8f058be0fbb3dae75f3313418482761ee598bb48de892ffce1875c79cccba63d
Quick CMS version 6.4 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
371be15379da1b62d2f4126e6db0e1ca97f1896e78e829c5940d7d7753c20932