914 matches found
PT-2022-6564 · Ffjpeg · Ffjpeg
Name of the Vulnerable Software and Affected Versions: ffjpeg versions prior to 01.01.2021. Description: The issue is a global buffer overflow that could cause a denial of service via a crafted JPEG file. It is similar to a previously known issue. The problem lies in the jfif encode function ...
Wing FTP Server 4.3.8 - Remote Code Execution (Authenticated) Exploit
Exploit Title: Wing FTP Server 4.3.8 - Remote Code Execution (RCE) (Authenticated)
Exploit Author: notcos
Credit: Credit goes to the initial discoverer of this exploit, Alex Haynes.
Vendor Homepage: https://www.wftpserver.com/
Software Link: https://www.wftpserver.com/download/WingFtpServer.exe...
Ubuntu: Security Advisory (USN-5033-1)
The remote host is missing an update for the ...
Mageia: Security Advisory (MGASA-2021-0527)
The remote host is missing an update for the ...
GHSA-FH56-85CW-5PQ6 UltraJSON vulnerable to Out-of-bounds Write
UltraJSON aka ujson 1.34 through 5.1.0 has a stack-based buffer overflow in BufferAppendIndentUnchecked called from encode...
UltraJSON vulnerable to Out-of-bounds Write
UltraJSON aka ujson 1.34 through 5.1.0 has a stack-based buffer overflow in BufferAppendIndentUnchecked called from encode...
Out-of-bounds read in Exiv2::Internal::CrwMap::encode
...
Out-of-bounds read in Exiv2::Jp2Image::encodeJp2Header
...
CVE-2021-45958
UltraJSON aka ujson through 5.1.0 has a stack-based buffer overflow in BufferAppendIndentUnchecked called from encode. Exploitation can, for example, use a large amount of indentation...
PYSEC-2022-25
UltraJSON aka ujson through 5.1.0 has a stack-based buffer overflow in BufferAppendIndentUnchecked called from encode. Exploitation can, for example, use a large amount of indentation...
Stack overflow
UltraJSON aka ujson through 5.1.0 has a stack-based buffer overflow in BufferAppendIndentUnchecked called from encode. Exploitation can, for example, use a large amount of indentation...
CVE-2021-44543
An XSS vulnerability was found in Privoxy which was fixed in cgi_error_no_template() by encoding the template name when Privoxy is configured to serve the user-manual itself...
Cross site scripting
An XSS vulnerability was found in Privoxy which was fixed in cgi_error_no_template() by encoding the template name when Privoxy is configured to serve the user-manual itself...
CVE-2021-44543
Impactful detail: Privoxy contains an XSS vulnerability in cgi_error_no_template() related to encoding the template name when Privoxy is configured to serve the user-manual. The root cause is insufficient encoding of the template name, enabling potential cross-site scripting. The issue is address...
Updated perl/perl-Encode packages fix security vulnerability
Encode.pm, as distributed in Perl through 5.34.0, allows local users to gain privileges via a Trojan horse Encode::ConfigLocal library in the current working directory that preempts dynamic module loading. Exploitation requires an unusual configuration, and certain 2021 versions of Encode.pm 3.05...