![]() The difference is that this issue is in parsing the query record `parse_query()`, while the issue in CVE-2022-24793 is in `parse_rr()`. This vulnerability is related to CVE-2022-24793. It doesn't affect PJSIP users who do not utilise PJSIP DNS resolver. A buffer overflow vulnerability in versions 2.13 and prior affects applications that use PJSIP DNS resolver. PJSIP is a free and open source multimedia communication library written in C. Netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CVE-2006-0225, CVE-2019-7283, and CVE-2020-15778. Also, within the specific context of Thorn SFTP gateway, this leads to remote code execution. ![]() Thorn SFTP gateway 3.4.x before 3.4.4 uses Pivotal Spring Framework for Java deserialization of untrusted data, which is not supported by Pivotal, a related issue to CVE-2016-1000027. Tencent tdsqlpcloud through 1.8.5 allows unauthenticated remote attackers to discover database credentials via an index.php/api/install/get_db_info request, a related issue to CVE-2023-42387.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |