Lucene search
K

183 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:12 a.m.6 views

SUSE CVE-2019-11737

If a wildcard '' is specified for the host in Content Security Policy CSP directives, any port or path restriction of the directive will be ignored, leading to CSP directives not being properly applied to content. This vulnerability affects Firefox 69...

5.3CVSS8.4AI score0.00546EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:12 a.m.3 views

SUSE CVE-2019-11748

WebRTC in Firefox will honor persisted permissions given to sites for access to microphone and camera resources even when in a third-party context. In light of recent high profile vulnerabilities in other software, a decision was made to no longer persist these permissions. This avoids the...

6.1CVSS8.3AI score0.01031EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2023/02/15 3:52 a.m.5 views

SUSE CVE-2020-27764

In /MagickCore/statistic.c, there are several areas in ApplyEvaluateOperator where a sizet cast should have been a ssizet cast, which causes out-of-range values under some circumstances when a crafted input file is processed by ImageMagick. Red Hat Product Security marked this as Low severity...

5.3CVSS6.5AI score0.01147EPSS
Exploits0References9
NVD
NVD
added 2022/09/13 9:15 p.m.30 views

CVE-2022-38497

LIEF commit 365a16a was discovered to contain a segmentation violation via the component CoreFile.tcc:69...

5.5CVSS0.00287EPSS
Exploits1References1
Prion
Prion
added 2022/09/13 9:15 p.m.16 views

Design/Logic Flaw

LIEF commit 365a16a was discovered to contain a segmentation violation via the component CoreFile.tcc:69...

1.9CVSS5.5AI score0.00287EPSS
Exploits1References1Affected Software1
HackRead
HackRead
added 2022/07/22 6:27 p.m.22 views

Neopets Suffers Second Data Breach as 69 Million Accounts are Stolen

By Waqas Neopets has acknowledged the data breach and currently urging users to change their passwords immediately. Neopets is a… This is a post from HackRead.com Read the original post: Neopets Suffers Second Data Breach as 69 Million Accounts are Stolen...

4.7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:20 p.m.4 views

Malicious code in calc-n3mo-69 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2e84db72fdf7f17e95f6c96bd4c44723e28d55b4e730672111457ce47eb562e2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/06/20 8:20 p.m.10 views

MAL-2022-1761 Malicious code in calc-n3mo-69 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2e84db72fdf7f17e95f6c96bd4c44723e28d55b4e730672111457ce47eb562e2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Packet Storm
Packet Storm
added 2022/04/15 12:0 a.m.365 views

Backdoor.Win32.Psychward.03.a Weak Hardcoded Password

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/d069738f18957117367b8a79195a6a96.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Psychward.03.a Vulnerability: Weak Hardcoded Password Description: The malware listen...

0.1AI score
Exploits0
0day.today
0day.today
added 2021/11/22 12:0 a.m.322 views

Pinkie 2.15 - TFTP Remote Buffer Overflow Exploit

Exploit Title: Pinkie 2.15 - TFTP Remote Buffer Overflow PoC Discovered by: Yehia Elghaly Vendor Homepage: http://www.ipuptime.net/ Software Link : http://ipuptime.net/PinkieSetup.zip Tested Version: 2.15 Vulnerability Type: Buffer Overflow DoS Remote Tested on OS: Windows XP SP3 - Windows 7...

7.1AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/25 3:46 p.m.61 views

Security Bulletin: IBM Planning Analytics Workspace is affected by security vulnerabilities

Summary The Planning Analytics Workspace component of IBM Planning Analytics is affected by vulnerabilities These have been addressed in IBM Planning Analytics Local v2.0 - Planning Analytics Workspace Release 69. Vulnerability Details CVEID: CVE-2021-23343 DESCRIPTION: path-parse is vulnerable t...

9.8CVSS1AI score0.99019EPSS
Exploits25Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/08/17 12:0 a.m.26 views

Adobe Bridge 11.x < 11.1.1 Multiple Vulnerabilities (APSB21-69)

The version of Adobe Bridge installed on the remote Windows host is prior to 11.1.1. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb21-69 advisory. - Adobe Bridge version 11.1 and earlier is affected by a memory corruption vulnerability due to insecure handling of...

9.3CVSS7.5AI score0.05583EPSS
Exploits0References17
NVD
NVD
added 2020/12/08 10:15 p.m.53 views

CVE-2020-27754

In IntensityCompare of /magick/quantize.c, there are calls to PixelPacketIntensity which could return overflowed values to the caller when ImageMagick processes a crafted input file. To mitigate this, the patch introduces and uses the ConstrainPixelIntensity function, which forces the pixel...

4.3CVSS4.2AI score0.01124EPSS
Exploits1References3
Prion
Prion
added 2020/12/08 10:15 p.m.22 views

Design/Logic Flaw

In IntensityCompare of /magick/quantize.c, there are calls to PixelPacketIntensity which could return overflowed values to the caller when ImageMagick processes a crafted input file. To mitigate this, the patch introduces and uses the ConstrainPixelIntensity function, which forces the pixel...

4.3CVSS3.5AI score0.01124EPSS
Exploits1References3Affected Software2
UbuntuCve
UbuntuCve
added 2020/12/08 9:15 p.m.20 views

CVE-2020-25667

TIFFGetProfiles in /coders/tiff.c calls strstr which causes a large out-of-bounds read when it searches for "dc:format="image/dng" within profile due to improper string handling, when a crafted input file is provided to ImageMagick. The patch uses a StringInfo type instead of a raw C string to...

5.5CVSS6.8AI score0.01095EPSS
Exploits1References2
OSV
OSV
added 2020/12/04 3:15 p.m.20 views

CVE-2020-27766

A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned long. This would most likely lead to an impact to application availability,...

7.8CVSS6.1AI score
Exploits0References3
CNVD
CNVD
added 2020/12/04 12:0 a.m.4 views

ImageMagick Input Validation Error Vulnerability

Imagemagick Studio ImageMagick is a suite of open source image processing software from ImageMagick Studio Imagemagick Studio, an American company. The software can read, convert or write images in many formats. A security vulnerability exists in versions prior to ImageMagick 6.9.10-69, which ste...

4.3CVSS7.4AI score0.01147EPSS
Exploits0References1
NVD
NVD
added 2020/12/03 5:15 p.m.25 views

CVE-2020-27764

In /MagickCore/statistic.c, there are several areas in ApplyEvaluateOperator where a sizet cast should have been a ssizet cast, which causes out-of-range values under some circumstances when a crafted input file is processed by ImageMagick. Red Hat Product Security marked this as Low severity...

4.3CVSS3.9AI score0.01147EPSS
Exploits0References4
Prion
Prion
added 2020/12/03 5:15 p.m.27 views

Input validation

In /MagickCore/statistic.c, there are several areas in ApplyEvaluateOperator where a sizet cast should have been a ssizet cast, which causes out-of-range values under some circumstances when a crafted input file is processed by ImageMagick. Red Hat Product Security marked this as Low severity...

4.3CVSS3.7AI score0.01147EPSS
Exploits0References4Affected Software2
CNNVD
CNNVD
added 2020/12/03 12:0 a.m.8 views

ImageMagick Studio ImageMagick 输入验证错误漏洞

Imagemagick Studio ImageMagick is a suite of open source image processing software from ImageMagick Studio Imagemagick Studio, an American company. The software can read, convert or write images in many formats. A security vulnerability exists in versions prior to ImageMagick 6.9.10-69, which ste...

4.3CVSS6.9AI score0.01147EPSS
Exploits0References12
Rows per page
Query Builder