21 matches found
CVE-2022-42715
A reflected XSS vulnerability exists in REDCap before 12.04.18 in the Alerts & Notifications upload feature. A crafted CSV file will, when uploaded, trigger arbitrary JavaScript code execution...
GLSA-202409-15 : stb: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202409-15 stb: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in stb. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly from the...
CVE-2023-42715

creationtimestamp | type | source
---|---|---
2023-12-22 15:23:35+00:00 | seen | https://t.me/ctinow/158434...

CVE-2023-42715
CVE-2023-42715 affects UNISOC chipsets with a vulnerability in the telephony service caused by a missing permission check, enabling local information disclosure without requiring extra execution privileges. The CVSS entry cites local attack vector, low attack complexity, and low privileges requir...
CVE-2022-42715

creationtimestamp | type | source
---|---|---
2022-10-12 16:26:41+00:00 | seen | https://t.me/cibsecurity/51261
2022-10-13 16:43:33+00:00 | seen | https://t.me/HacktivistOfGarudaOfficial/241
2022-10-13 16:43:33+00:00 | seen | https://t.me/HacktivistOfGarudaOfficial/787...

CVE-2022-42715
Affected software: REDCap (prior to 12.04.18). Vulnerability: Reflected XSS in the Alerts & Notifications upload feature. A crafted CSV file can cause arbitrary JavaScript execution in the user’s browser. Root cause / scope: Unclear from provided docs beyond the XSS result via CSV upload; the iss...
Updated zxing-cpp packages fix security vulnerability
Buffer overflow vulnerability in function stbi__extend_receive in stb_image.h in stb 2.26 via a crafted JPEG file. CVE-2021-28021 An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An...
openSUSE: Security Advisory for zxing-cpp (openSUSE-SU-2022:0157-1)
The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE SLED15 / SLES15 Security Update : zxing-cpp (SUSE-SU-2022:0157-1)
The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0157-1 advisory. - Buffer overflow vulnerability in function stbi__extend_receive in stb_image.h in stb 2.26 via a crafted JPEG file. CVE-2021-28021 - An...
SUSE SLED12 / SLES12 Security Update : zxing-cpp (SUSE-SU-2022:0163-1)
The remote SUSE Linux SLED12 / SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0163-1 advisory. - Buffer overflow vulnerability in function stbi__extend_receive in stb_image.h in stb 2.26 via a crafted JPEG file. CVE-2021-28021 - An...
SUSE-SU-2022:0163-1 Security update for zxing-cpp
This update for zxing-cpp fixes the following issues: - CVE-2021-28021: Fixed buffer overflow vulnerability in function stbi__extend_receive in stb_image.h via a crafted JPEG file (bsc#1191743). - CVE-2021-42715: Fixed buffer overflow in stb_image PNM loader (bsc#1191942). - CVE-2021-42716: Fixed denial of...
Fedora: Security Advisory for stb (FEDORA-2021-d1446cd1ac)
The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for usd (FEDORA-2021-001f25d986)
The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for sdrpp (FEDORA-2021-f8ba4a690e)
The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for stb (FEDORA-2021-082bea5b34)
The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2021-42715

creationtimestamp | type | source
---|---|---
2021-10-21 22:37:08+00:00 | seen | https://t.me/cibsecurity/30974...

CVE-2021-42715
An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stb_image by submitting crafted HDR files...
CVE-2021-42715
An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stb_image by submitting crafted HDR files...
CVE-2021-42715
An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stb_image by submitting crafted HDR files...
CVE-2021-42715
The CVE-2021-42715 issue concerns the HDR loader in the libstb component (stb_image.h) versions 1.33 through 2.27, where truncated end-of-file RLE scanlines are parsed as an infinite sequence of zero-length runs. This can allow a crafted HDR file to cause denial of service in applications using s...