
33 matches found

Patchstack
added 2025/11/14 11:7 p.m., 5 views

WordPress Qi Blocks plugin <= 1.4.3 - Missing Authorization to Arbitrary Attachment Resize vulnerability

Missing Authorization to Arbitrary Attachment Resize vulnerability discovered by Adrian Lukita in WordPress Plugin Qi Blocks versions <= 1.4.3...

CVSS 4.3, AI score 6.8, EPSS 0.00034
Exploits 0, References 1, Affected Software 1

Tenable Nessus
added 2025/03/04 12:0 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2017-12182

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xorg-x11-server before 1.19.5 was missing length validation in XFree86 DRI extension allowing malicious X client to cause X server to crash or possibly execute...

CVSS 9.8, AI score 7.5, EPSS 0.00944
Exploits 0, References 2

Tenable Nessus
added 2024/07/31 12:0 a.m., 18 views

Ubuntu 16.04 LTS / 18.04 LTS : EDK II vulnerabilities (USN-6920-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6920-1 advisory. It was discovered that EDK II was not properly performing bounds checks in Tianocompress, which could lead to a buffer overflow. An...

CVSS 9.8, AI score 7.4, EPSS 0.0028
Exploits 0, References 6

OpenVAS
added 2024/07/30 12:0 a.m., 18 views

Ubuntu: Security Advisory (USN-6920-1)

The remote host is missing an update for the...

CVSS 9.8, AI score 7.1, EPSS 0.0028
Exploits 0, References 2

Ubuntu
added 2024/07/29 4:18 a.m., 33 views

USN-6920-1: EDK II vulnerabilities

It was discovered that EDK II was not properly performing bounds checks in Tianocompress, which could lead to a buffer overflow. An authenticated user could use this issue to potentially escalate their privileges via local access. CVE-2017-5731 It was discovered that EDK II had an insufficient...

CVSS 9.8, AI score 7.4, EPSS 0.0028
Exploits 0

IBM Security Bulletins
added 2023/12/07 10:45 p.m., 22 views

Security Bulletin: IBM has released Unified Extensible Firmware Interface (UEFI) fixes in response to TianoCore EDK II BIOS Vulnerability (CVE-2018-12182)

Summary: IBM has released the following Unified Extensible Firmware Interface (UEFI) fixes for System x and Flex systems in response to the TianoCore EDK II BIOS Vulnerability listed below. Vulnerability Details: CVEID: CVE-2018-12182 DESCRIPTION: TianoCore EDK II BIOS could allow a local authenticat...

CVSS 6.7, AI score 2.3, EPSS 0.00095
Exploits 0, Affected Software 2

OSV
added 2023/08/31 12:14 p.m., 0 views

BELL-CVE-2017-12182 CVE-2017-12182 does not affect BellSoft software

Bulletin has no description...

CVSS 9.8, AI score 5.8, EPSS 0.00944
Exploits 0, References 1

OpenVAS
added 2022/01/28 12:0 a.m., 22 views

Mageia: Security Advisory (MGASA-2017-0401)

The remote host is missing an update for the...

CVSS 9.8, AI score 9.1, EPSS 0.0095
Exploits 1, References 7

OpenVAS
added 2021/06/09 12:0 a.m., 21 views

SUSE: Security Advisory (SUSE-SU-2017:3025-1)

The remote host is missing an update for the...

CVSS 9.8, AI score 9.2, EPSS 0.0095
Exploits 1, References 12

OpenVAS
added 2021/04/19 12:0 a.m., 17 views

SUSE: Security Advisory (SUSE-SU-2017:3047-1)

The remote host is missing an update for the...

CVSS 9.8, AI score 7.9, EPSS 0.0095
Exploits 1, References 14

Prion
added 2021/02/09 5:15 p.m., 28 views

Memory corruption

A vulnerability has been identified in JT2Go All versions V13.1.0.1, Teamcenter Visualization All versions V13.1.0.1. Affected applications lack proper validation of user-supplied data when parsing of PCT files. This could result in a memory corruption condition. An attacker could leverage this...

CVSS 4.6, AI score 7.9, EPSS 0.00116
Exploits 0, References 2, Affected Software 2

Cvelist
added 2021/02/09 3:38 p.m., 14 views

CVE-2020-27006

A vulnerability has been identified in JT2Go All versions V13.1.0.1, Teamcenter Visualization All versions V13.1.0.1. Affected applications lack proper validation of user-supplied data when parsing of PCT files. This could result in a memory corruption condition. An attacker could leverage this...

AI score 8.1, EPSS 0.00116
Exploits 0, References 2

Mageia
added 2021/01/17 4:7 p.m., 70 views

Updated edk2 packages fix multiples security vulnerabilities

Improper configuration in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access. CVE-2018-12179. Insufficient memory write check in SMM service for EDK II may allow an authenticated...

CVSS 9.8, AI score 4, EPSS 0.00688
Exploits 0, References 7

Tenable Nessus
added 2020/09/29 12:0 a.m., 46 views

Oracle Linux 7 : edk2 (ELSA-2020-5861)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5861 advisory. - Create new 1.3 release for OL7 which includes the following fixed CVEs: CVE-2018-12182 CVE-2019-13224 CVE-2019-13225 CVE-2019-14553 Fri May 17 2019...

CVSS 9.8, AI score 7.6, EPSS 0.00537
Exploits 0, References 5

NVD
added 2020/03/13 5:15 p.m., 10 views

CVE-2019-12182

Directory Traversal in Safescan Timemoto and TA-8000 series version 1.0 allows unauthenticated remote attackers to execute code via the administrative API...

CVSS 9.8, AI score 9.8, EPSS 0.11789
Exploits 1, References 4

CVE
added 2020/03/13 4:11 p.m., 39 views

CVE-2019-12182

CVE-2019-12182 describes a Directory Traversal vulnerability in Safescan Timemoto and TA-8000 series (version 1.0) that allows unauthenticated remote code execution via the administrative API. Affected product family is Safescan Timemoto/TA-8000, with identifiers appearing across NVD, Red Hat, CN...

CVSS 9.8, AI score 9.6, EPSS 0.11789
Exploits 1, References 4, Affected Software 1

ALT Linux
added 2019/06/19 12:0 a.m., 27 views

Security fix for the ALT Linux 10 package edk2 version 20190501-alt1

June 19, 2019 Alexey Shabalin 20190501-alt1 - edk2-stable201905 Fixes: CVE-2018-12182...

CVSS 4.6, AI score 8.2, EPSS 0.00095
Exploits 0

CNVD
added 2019/04/09 12:0 a.m., 2 views

Wireshark Infinite Loop Vulnerability (CNVD-2019-12182)

Wireshark (formerly known as Ethereal) is a suite of network packet analysis software from the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. GSUP dissector is one of the GSUP (Generic Subscriber Update Protocol) parsers. An infinit...

CVSS 7.5, AI score 8.8, EPSS 0.00478
Exploits 1, References 1

NVD
added 2019/03/27 8:29 p.m., 15 views

CVE-2018-12182

Insufficient memory write check in SMM service for EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access...

CVSS 6.7, AI score 7, EPSS 0.00095
Exploits 0, References 4

OSV
added 2019/03/27 8:29 p.m., 0 views

BELL-CVE-2018-12182 CVE-2018-12182 does not affect BellSoft software

Bulletin has no description...

CVSS 6.7, AI score 7.3, EPSS 0.00095
Exploits 0, References 1