
3164 matches found

CNNVD
added 2021/05/03 12:0 a.m., 3 views

Google Android Buffer Error Vulnerability

Google Android is a Linux-based open source operating system from the Google Open Handheld Consortium Google. Google Android 11 suffers from an information disclosure vulnerability. The vulnerability arises due to an out-of-bounds write due to a lack of bounds checking in...

5.5 CVSS, 5.8 AI score, 0.00023 EPSS
Exploits 0, References 15
OSV
added 2021/04/29 12:0 a.m., 18 views

OSV-2021-703 Container-overflow in unsigned long jsoncons::detail::escape_string<char, jsoncons::string_sink<std::_

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33781
Crash type: Container-overflow READ 1
Crash state: unsigned long jsoncons::detail::escapestring::key...

7.2 AI score
Exploits 0, References 1
ATTACKERKB
added 2021/04/14 2:15 p.m., 0 views

CVE-2020-36120

Buffer Overflow in the "sixel_encoder_encode_bytes" function of Libsixel v1.8.6 allows attackers to cause a Denial of Service (DoS)...

7.5 CVSS, 5.4 AI score, 0.00422 EPSS
Exploits 1, References 2
Snyk
added 2021/04/14 2:15 p.m., 1 views

Buffer Overflow

Overview: Affected versions of this package are vulnerable to Buffer Overflow. Buffer Overflow in the "sixel_encoder_encode_bytes" function of Libsixel v1.8.6 allows attackers to cause a Denial of Service (DoS).
Remediation: There is no fixed version for libsixel.
References: - GitHub Issue...

7.5 CVSS, 6.8 AI score, 0.00422 EPSS
Exploits 1, References 2
OSV
added 2021/04/14 2:15 p.m., 0 views

UBUNTU-CVE-2020-36120

Buffer Overflow in the "sixel_encoder_encode_bytes" function of Libsixel v1.8.6 allows attackers to cause a Denial of Service (DoS)...

7.5 CVSS, 5.8 AI score, 0.00422 EPSS
Exploits 1, References 3
CNNVD
added 2021/04/14 12:0 a.m., 2 views

libsixel Buffer Error Vulnerability

Libsixel is a package that provides encoding/decoding implementations for DEC SIXEL graphics and other converter programs. A buffer overflow vulnerability exists in Libsixel version v1.8.6, which stems from a buffer overflow in the sixel_encoder_encode_bytes function, and can be exploited by an...

7.5 CVSS, 6 AI score, 0.00422 EPSS
Exploits 1, References 2
OSV
added 2021/04/07 11:2 a.m., 1 views

OESA-2021-1118 openjpeg2 security update

OpenJPEG is an open-source JPEG 2000 codec written in C language. It has been developed in order to promote the use of JPEG 2000, a still-image compression standard from the Joint Photographic Experts Group (JPEG). Since April 2015, it is officially recognized by ISO/IEC and ITU-T as a JPEG 2000...

7.8 CVSS, 7.7 AI score, 0.00924 EPSS
Exploits 1, References 5
0day.today
added 2021/03/16 12:0 a.m., 10 views

Alphaware E-Commerce System 1.0 - Unauthenicated Remote Code Execution Exploit

Exploit Title: Alphaware E-Commerce System 1.0 - Unauthenicated Remote Code Execution File Upload + SQL injection
Exploit Author: Christian Vierschilling
Vendor Homepage: https://www.sourcecodester.com
Software Link: https://www.sourcecodester.com/php/11676/alphaware-simple-e-commerce-system.html...

0.1 AI score
Exploits 0
Packet Storm
added 2021/03/08 12:0 a.m., 315 views

Hotel And Lodge Management System 1.0 Shell Upload

Exploit Title: Hotel and Lodge Management System 1.0 - Remote Code Execution (Unauthenticated)
Date: 07-03-2021
Exploit Author: Christian Vierschilling
Vendor Homepage: https://www.sourcecodester.com
Software Link: https://www.sourcecodester.com/php/13707/hotel-and-lodge-management-system.html...

7.4 AI score
Exploits 0
0day.today
added 2021/03/08 12:0 a.m., 14 views

Hotel and Lodge Management System 1.0 - Remote Code Execution (Unauthenticated) Exploit

Exploit Title: Hotel and Lodge Management System 1.0 - Remote Code Execution (Unauthenticated)
Exploit Author: Christian Vierschilling
Vendor Homepage: https://www.sourcecodester.com
Software Link: https://www.sourcecodester.com/php/13707/hotel-and-lodge-management-system.html
Version: 1.0
Tested o...

0.1 AI score
Exploits 0
Tenable Nessus
added 2021/02/01 12:0 a.m., 33 views

EulerOS 2.0 SP8 : openjpeg2 (EulerOS-SA-2021-1156)

According to the versions of the openjpeg2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities:
- There's a flaw in openjpeg in versions prior to 2.4.0 in src/lib/openjp2/pi.c. When an attacker is able to provide crafted input to be process...

7.8 CVSS, 7.3 AI score, 0.00924 EPSS
Exploits 1, References 6
Veracode
added 2021/01/11 6:12 p.m., 32 views

Arbitrary Code Execution

jasper is vulnerable to arbitrary code execution. An out-of-bounds write vulnerability in the jpc encoder allows an attacker to execute arbitrary code on the host OS via a malicious input...

7.8 CVSS, 5.1 AI score, 0.00342 EPSS
Exploits 1, References 11, Affected Software 1
OSV
added 2021/01/11 12:42 p.m., 0 views

USN-4688-1 jasper vulnerabilities

It was discovered that Jasper incorrectly handled certain files. An attacker could possibly use this issue to cause a crash. (CVE-2018-18873) It was discovered that Jasper incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. (CVE-2018-19542) It was...

7.8 CVSS, 6.9 AI score, 0.00965 EPSS
Exploits 3, References 5
Veracode
added 2021/01/07 7:10 p.m., 29 views

Denial Of Service (DoS)

ghostscript is vulnerable to denial of service. The vulnerability exists in src/lib/openjp2/pi.c, as the openjpeg encoder could cause an out-of-bounds read...

5.5 CVSS, 6.1 AI score, 0.0036 EPSS
Exploits 0, References 9, Affected Software 2
OSV
added 2021/01/05 6:15 p.m., 1 views

DEBIAN-CVE-2020-27842

There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. An attacker who is able to provide crafted input to be processed by openjpeg could cause a null pointer dereference. The highest impact of this flaw is to application availability...

5.5 CVSS, 6.3 AI score, 0.00441 EPSS
Exploits 0, References 1
OSV
added 2021/01/05 6:15 p.m., 3 views

AZL-44106 CVE-2020-27842 affecting package openjpeg2 for versions less than 2.3.1-12

There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. An attacker who is able to provide crafted input to be processed by openjpeg could cause a null pointer dereference. The highest impact of this flaw is to application availability...

5.5 CVSS, 6.6 AI score, 0.00441 EPSS
Exploits 0, References 1
OSV
added 2021/01/05 6:15 p.m., 36 views

CVE-2020-27842

There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. An attacker who is able to provide crafted input to be processed by openjpeg could cause a null pointer dereference. The highest impact of this flaw is to application availability...

5.5 CVSS, 6.8 AI score
Exploits 0, References 7
NVD
added 2021/01/05 6:15 p.m., 18 views

CVE-2020-27842

There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. An attacker who is able to provide crafted input to be processed by openjpeg could cause a null pointer dereference. The highest impact of this flaw is to application availability...

5.5 CVSS, 6.7 AI score, 0.00441 EPSS
Exploits 0, References 7
OSV
added 2021/01/05 6:15 p.m., 1 views

DEBIAN-CVE-2020-27841

There's a flaw in openjpeg in versions prior to 2.4.0 in src/lib/openjp2/pi.c. When an attacker is able to provide crafted input to be processed by the openjpeg encoder, this could cause an out-of-bounds read. The greatest impact from this flaw is to application availability...

5.5 CVSS, 6.7 AI score, 0.0036 EPSS
Exploits 0, References 1
OSV
added 2021/01/05 6:15 p.m., 26 views

CVE-2020-27841

There's a flaw in openjpeg in versions prior to 2.4.0 in src/lib/openjp2/pi.c. When an attacker is able to provide crafted input to be processed by the openjpeg encoder, this could cause an out-of-bounds read. The greatest impact from this flaw is to application availability...

5.5 CVSS, 6.8 AI score
Exploits 0, References 7