12 matches found
EUVD-2017-9347
Malware in sbrugna...
CVE-2017-18215
xvpng.c in xv 3.10a has memory corruption out-of-bounds write when decoding PNG comment fields, leading to crashes or potentially code execution, because it uses an incorrect length value...
CVE-2017-18215
xvpng.c in xv 3.10a has memory corruption out-of-bounds write when decoding PNG comment fields, leading to crashes or potentially code execution, because it uses an incorrect length value...
Memory corruption
xvpng.c in xv 3.10a has memory corruption out-of-bounds write when decoding PNG comment fields, leading to crashes or potentially code execution, because it uses an incorrect length value...
CVE-2017-18215
xvpng.c in xv 3.10a has memory corruption out-of-bounds write when decoding PNG comment fields, leading to crashes or potentially code execution, because it uses an incorrect length value...
CVE-2017-18215
xvpng.c in xv 3.10a has memory corruption out-of-bounds write when decoding PNG comment fields, leading to crashes or potentially code execution, because it uses an incorrect length value...
CVE-2017-18215
The CVE-2017-18215 entry concerns the image tool xv, version 3.10a. Affected component: xvpng.c in xv 3.10a. Root cause: memory corruption (out-of-bounds write) when decoding PNG comment fields due to an incorrect length value. Impact: potential crashes or code execution as stated in the sources....
EasyE-Cards 3.10 SQL Injection Vulnerability and Multiple Cross Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/30328/info EasyE-Cards is prone to multiple input-validation vulnerabilities, including an SQL-injection issue and multiple cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data...
Gentoo Security Advisory GLSA 200410-11 (tiff)
The remote host is missing updates announced in advisory GLSA 200410-11. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200410-11 (tiff)
The remote host is missing updates announced in advisory GLSA 200410-11. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EasyE-Cards 3.10 - SQL Injection / Cross-Site Scripting
source: https://www.securityfocus.com/bid/30328/info EasyE-Cards is prone to multiple input-validation vulnerabilities, including an SQL-injection issue and multiple cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an...
CVE-2006-4907
OSU 3.11alpha and 3.10a are affected by a vulnerability where remote attackers can obtain sensitive information by requesting a non-existent file; the resulting error message reveals the web root path. The issue, as described in CVE-2006-4907, has no additional exploit details or mitigation infor...