:: Deepquest ::

Concrete5 versions 5.7.3.1 and below suffer from multiple persistent cross site scripting vulnerabilities.

Concrete5 versions 5.7.3.1 and below suffer from a local file inclusion vulnerability.

The Ubiquiti AirGateway, AirFiber, and mFi platforms feature remote administration via an authenticated web-based portal. Lack of CSRF protection in the Remote Administration Portal, and unsafe passing of user input to operating system commands executed with root privileges, can be abused in a way that enables remote command execution.

Symantec Antivirus version 5.3.11 suffers from multiple remote memory corruption vulnerabilities when unpacking RAR files.

The Symantec dec2lha library is the library responsible for decompressing LZH and LHA archives. The CSymLHA::get_header() routine has a trivial stack buffer overflow.

Symantec Antivirus suffers from multiple remote memory corruption issues when unpacking MSPACK archives.

Symantec attempts to clean or remove components from archives or other multipart containers that they detect as malicious. The code that they use to remove components from MIME encoded messages in CMIMEParser::UpdateHeader() assumes that filenames cannot be longer than 77 characters. This assumption is obviously incorrect, names can be any length, resulting in a very […]

Symantec suffers from an integer overflow in the TNEF decoder.

Symantec suffers from a missing bounds checks in dec2zip ALPkOldFormatDecompressor::UnShrink.

Symantec suffers from a PowerPoint misaligned stream-cache remote stack buffer overflow vulnerability.