When an Apache Geode cluster before v1.3.0 is operating in secure mode, a user with read access to specific regions within a Geode cluster may execute OQL queries containing a region name as a bind parameter that allow read access to objects within unauthorized regions. The root cause of this issue is improper user data output validation. In Apache ActiveMQ 5.x before 5.14.2, an instance of a cross-site scripting vulnerability was identified to be present in the web based administration console. WebAccess allows an unauthenticated attacker to specify an arbitrary address. WebAccess allows a remote attacker to upload arbitrary files.Ī use-after-free issue was discovered in Advantech WebAccess versions prior to 8.3. A successful attack can lead to sensitive data exposure.Īn Unrestricted Upload Of File With Dangerous Type issue was discovered in Advantech WebAccess versions prior to 8.3. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability.
This vulnerability occurs because of computation that reads data that is past the end of the target buffer. An Out-of-bounds Read issue was discovered in Adobe Flash Player before 28.0.0.137.
0 kommentar(er)
