CVE-2020-26826

Process Integration Monitoring of SAP NetWeaver AS JAVA, versions - 7.31, 7.40, 7.50, allows an attacker to upload any file including script files without proper file format validation, leading to Unrestricted File Upload...

Industrial Light And Magic OpenEXR 代码问题漏洞

Industrial Light and Magic Academy Software Foundation OpenEXR is an image file format from Industrial Light and Magic for High Dynamic Range HDR images.A code issue vulnerability exists in Industrial Light and Magic Academy Software Foundation OpenEXR, which stems from A null pointer compliance...

Information Disclosure

Dropbear is vulnerable to information disclosure. Local users can read certain files as root, if the file has the authorizedkeys file format with a command= option. This occurs as /.ssh/authorizedkeys is read with root privileges and symlinks are followed...

CVE-2020-13493

A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. A specially crafted USDC file format path jumps decompression heap overflow in a way path jumps are processed. To trigger this vulnerability, the victim needs to open an...

Heap overflow

A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. A specially crafted USDC file format path jumps decompression heap overflow in a way path jumps are processed. To trigger this vulnerability, the victim needs to open an...

CVE-2020-13493

A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. A specially crafted USDC file format path jumps decompression heap overflow in a way path jumps are processed. To trigger this vulnerability, the victim needs to open an...

Binary vulnerability in FFmpeg tiff format

FFmpeg is a set of open source computer programs that can be used to record and convert digital audio and video into streams. A binary vulnerability exists in the FFmpeg tiff format, which can be exploited by attackers to cause a denial-of-service attack...

Purgalicious VBA: Macro Obfuscation With VBA Purging

Malicious Office documents remain a favorite technique for every type of threat actor, from red teamers to FIN groups to APTs. In this blog post, we will discuss "VBA Purging", a technique we have increasingly observed in the wild and that was first publicly documented by Didier Stevens in Februa...

RHEL 8 : libmspack (RHSA-2020:1686)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1686 advisory. The libmspack packages contain a library providing compression and extraction of the Cabinet CAB file format used by Microsoft. Security Fixes:...

CVE-2020-6147

A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. This instance exists in the USDC file format FIELDS section decompression heap overflow...

CVE-2020-6150

A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software USDC file format SPECS section decompression heap overflow...

CVE-2020-6147

A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. This instance exists in the USDC file format FIELDS section decompression heap overflow...

CVE-2020-6150

A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software USDC file format SPECS section decompression heap overflow...

CVE-2020-6148

A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. An instance exists in USDC file format FIELDSETS section decompression heap overflow...

Heap overflow

A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. This instance exists in the USDC file format FIELDS section decompression heap overflow...

Heap overflow

A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software USDC file format SPECS section decompression heap overflow...

Heap overflow

A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. To trigger this vulnerability, the victim needs to open an attacker-provided malformed file in an instance in USDC file format PATHS section...

CVE-2020-6147

A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. This instance exists in the USDC file format FIELDS section decompression heap overflow...

CVE-2020-6150

Four heap overflow CVEs in Pixar OpenUSD 20.05 related to USDC file format decompression of SPECS, FIELDS, FIELDSETS, and PATHS sections. TALOS-2020-1094 details exact code paths (crateFile.cpp) where unvalidated section sizes and mismatched ReadContiguous/decompression buffers allow heap-based o...

CVE-2020-6150

A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software USDC file format SPECS section decompression heap overflow...