120 matches found
EUVD-2019-7488
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2019-17013
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mozilla developers reported memory safety bugs present in Firefox 70. Some of these bugs showed evidence of memory corruption and we presume that with enough...
CVE-2024-56431
ochufftreeunpack in huffdec.c in libtheora in Theora through 1.0 7180717 has an invalid negative left shift. NOTE: this is disputed by third parties because there is no evidence of a security impact, e.g., an application would not crash...
Adobe InCopy 16.0 < 16.4.0 Multiple Vulnerabilities (APSB21-71)
The version of Adobe InCopy installed on the remote host is prior to 16.4.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB21-71 advisory. - Adobe InCopy version 11.1 and earlier is affected by a memory corruption vulnerability due to insecure handling of a...
Adobe ColdFusion < 2021.x < 2021u16 / 2023.x < 2023u10 Vulnerability (APSB24-71)
The version of Adobe ColdFusion installed on the remote Windows host is prior to 2021.x update 16 or 2023.x update 10. It is, therefore, affected by a vulnerability as referenced in the APSB24-71 advisory. - Deserialization of Untrusted Data CWE-502 potentially leading to Arbitrary code execution...
CVE-2023-45249
Remote command execution due to use of default passwords. The following products are affected: Acronis Cyber Infrastructure ACI before build 5.0.1-61, Acronis Cyber Infrastructure ACI before build 5.1.1-71, Acronis Cyber Infrastructure ACI before build 5.2.1-69, Acronis Cyber Infrastructure ACI...
Adobe Dimension < 3.4.11 Multiple Memory leak (APSB23-71)
The version of Adobe Dimension installed on the remote Windows host is prior to 3.4.11. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB23-71 advisory. - Adobe Dimension versions 3.4.10 and earlier are affected by an out-of-bounds read vulnerability that could lead...
Adobe Dimension < 3.4.11 Multiple Memory leak (APSB23-71) (macOS)
The version of Adobe Dimension installed on the remote macOS host is prior to 3.4.11. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB23-71 advisory. - Adobe Dimension versions 3.4.10 and earlier are affected by an out-of-bounds read vulnerability that could lead t...
Malicious code in sketch-71-symbol-resync (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a6f850b539539800e75073f80c17bd8308630e63ec70240f60f65b625c85ae0b The OpenSSF Package Analysis project identified 'sketch-71-symbol-resync' @ 99.99.0 npm as malicious. It is considered malicious because: - The...
MAL-2023-1563 Malicious code in sketch-71-symbol-resync (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a6f850b539539800e75073f80c17bd8308630e63ec70240f60f65b625c85ae0b The OpenSSF Package Analysis project identified 'sketch-71-symbol-resync' @ 99.99.0 npm as malicious. It is considered malicious because: - The...
PT-2023-20242 · Ibm · Ibm Powervm Hypervisor
Name of the Vulnerable Software and Affected Versions: IBM PowerVM Hypervisor versions FW950.00 through FW950.71 IBM PowerVM Hypervisor versions FW1010.00 through FW1010.40 IBM PowerVM Hypervisor versions FW1020.00 through FW1020.20 IBM PowerVM Hypervisor versions FW1030.00 through FW1030.11...
Upgraded Q -> 3 from #71 [1676966386580]
Judge has assessed an item in Issue 71 as 3 risk. The relevant finding follows: L-04 onlyMinter modifier is not working as expected Description onlyMinter can be bypasssed by anyone due to an invalid check: modifier onlyMinter msg.sender == minterAddress; ; Thus, everyone can mint tokens: functio...
SUSE CVE-2018-18336
Incorrect object lifecycle in PDFium in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file...
SUSE CVE-2018-18343
Incorrect handing of paths leading to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
SUSE CVE-2019-11756
Improper refcounting of soft token session objects could cause a use-after-free and crash likely limited to a denial of service. This vulnerability affects Firefox 71...
SUSE CVE-2019-17024
Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR 68.4 and...
Massive HTTP DDoS Attack Hits Record High of 71 Million Requests/Second
Web infrastructure company Cloudflare on Monday disclosed that it thwarted a record-breaking distributed denial-of-service DDoS attack that peaked at over 71 million requests per second RPS. "The majority of attacks peaked in the ballpark of 50-70 million requests per second RPS with the largest...
EulerOS Virtualization 2.9.0 : nss (EulerOS-SA-2022-2203)
According to the versions of the nss packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Improper refcounting of soft token session objects could cause a use-after-free and crash likely limited to a denial of service. Thi...
EulerOS 2.0 SP9 : nss (EulerOS-SA-2022-1871)
According to the versions of the nss packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Improper refcounting of soft token session objects could cause a use-after-free and crash likely limited to a denial of service. This vulnerability...
CVE-2022-31796
libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBitmapRequester::FetchRegion in hierarchicalbitmaprequester.cpp because the MCU size can be different between allocation and use...