GNU LibreDWG Heap Buffer Overflow Vulnerability (CNVD-2021-36637)

LibreDWG is a free C library for reading and writing DWG files. A heap buffer overflow vulnerability exists in GNU LibreDWG version 0.10. An attacker can exploit this vulnerability via the bitcalcCRC ... /... /src/bits.c:2213 to exploit the vulnerability and cause a heap buffer overflow...

GNU LibreDWG Heap Buffer Overflow Vulnerability (CNVD-2021-36636)

LibreDWG is a free C library for reading and writing DWG files. A heap buffer overflow vulnerability exists in GNU LibreDWG version 0.10. An attacker can exploit this vulnerability by reading2004compressedsection ... /... /src/decode.c:2379 to cause a heap buffer overflow...

GNU LibreDWG Heap Buffer Overflow Vulnerability (CNVD-2021-36629)

LibreDWG is a free C library for reading and writing DWG files. A heap buffer overflow vulnerability exists in GNU LibreDWG version 0.10.2641. An attacker can exploit this vulnerability via the outputTEXT ... /... /programs/dwg2SVG.c:114 to cause a heap buffer overflow...

Google TensorFlow SparseDenseCwiseMul Heap Out-of-Bounds Access Vulnerability

Google TensorFlow is an end-to-end open source machine learning platform. A heap out-of-bounds access vulnerability exists in Google TensorFlow SparseDenseCwiseMul. An attacker can exploit the vulnerability by passing an invalid parameter to "tf.raw\u ops.backpropinput" to write outside the...

GNU LibreDWG Heap Buffer Overflow Vulnerability (CNVD-2021-36630)

LibreDWG is a free C library for reading and writing DWG files. A heap buffer overflow vulnerability exists in GNU LibreDWG version 0.10.2641. An attacker can exploit this vulnerability via the htmlwescape ... /... /programs/escape.c:97 to exploit the vulnerability and cause a heap buffer overflo...

GNU LibreDWG Memory Leak Vulnerability

LibreDWG is a free C library for reading and writing DWG files. GNU LibreDWG version 0.10 in dwgdecodeeed ... /... A memory leak vulnerability exists in /src/decode.c:3638. An attacker could cause a memory leak by exploiting this vulnerability via specially crafted input...

IBM QRadar User Behavior Analytics Information Disclosure Vulnerability

IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. An information...

Google TensorFlow 缓冲区错误漏洞

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow suffers from a heap read vulnerability. An attacker can exploit the vulnerability to trigger an OOB read from the heap...

Siemens SIMATIC OPC UA Information Disclosure Vulnerability

The Siemens SIMATIC CP443-1 OPC UA9 is a communication processor from Siemens, Germany. An information disclosure vulnerability exists in OPC UA. An attacker could exploit this vulnerability to obtain sensitive information...

Exim Backlink Vulnerability

Exim is an open source messaging agent MTA running on Unix systems that routes, forwards and delivers mail. Exim suffers from a security vulnerability that exists as a result of the following issue with symbolic links in the Exim log directory. An attacker can exploit the vulnerability to overwri...

Denial of Service Vulnerability in D-Link DIR-809 (CNVD-2021-37560)

The D-Link DIR-809 is a wireless router that uses RTOS. A denial of service vulnerability exists in the D-Link DIR-809. An attacker can exploit the vulnerability to cause a denial of service...

XSS vulnerability in pybbs

pybbs is a practical Java development community forum system . An XSS vulnerability exists in pybbs. An attacker can exploit this vulnerability to obtain sensitive information such as user cookies...

Unauthorized Access Vulnerability in Axis Q1614 Network Camera

Axis is an IT company that specializes in providing web video solutions. An unauthorized access vulnerability exists in Axis Q1614 Network Camera. An attacker could exploit this vulnerability to obtain sensitive information...

Weak Password Vulnerability in NETGEAR WNR2200

The NETGEAR WNR2200 is a wireless router device. A weak password vulnerability exists in the NETGEAR WNR2200. An attacker could exploit the vulnerability to obtain sensitive information...

Adobe Acrobat 资源管理错误漏洞

Adobe Acrobat is a PDF editing software developed by Adobe.Adobe Reader also known as Acrobat Reader is a PDF file reader developed by Adobe. Adobe Acrobat/Reader has a post-release reuse vulnerability. An attacker can exploit this vulnerability to execute arbitrary code...

WordPress Ultimate Maps by Supsystic Plugin Cross-Site Scripting Vulnerability

WordPress Plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in WordPress Ultimate Maps by Supsystic Plugin versions prior to 1.2.5. The vulnerability stems from the program not properly filtering tab parameters before outputting them to properties...

Weak Password Vulnerability in Ruckus Wireless Ruckus 7781CM

The Ruckus 7781CM is a wireless access point product from Ruckus Wireless. The Ruckus Wireless Ruckus 7781CM suffers from a weak password vulnerability that can be exploited by an attacker to obtain sensitive information...

SQL Injection Vulnerability in Loofah Video App

Loofah Video App is a video app. Loofah Video APP suffers from a SQL injection vulnerability. An attacker can exploit the vulnerability to obtain sensitive database information...

Unspecified Vulnerability in GitLab

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in Gitlab version 11.6 an...

Samsung Email Information Disclosure Vulnerability (CNVD-2021-39551)

Samsung Email application is a cell phone application from Samsung South Korea. It provides the function of sending and receiving e-mail. An information disclosure vulnerability exists in versions prior to Samsung Email 6.1.41.0, which can be exploited by a remote attacker to obtain attachments t...