Denial Of Service (DoS)

libarchive.so is vulnerable to denial of service DoS attacks. A malicious user can pass a zip file to the tradencdecryptupdate function in archivereadsupportformatzip.c, causing an out-of-bounds heap read that can crash the application...

DEBIAN-CVE-2018-1999015

FFmpeg before commit 5aba5b89d0b1d73164d3b81764828bb8b20ff32a contains an out of array read vulnerability in ASFF format demuxer that can result in heap memory reading. This attack appear to be exploitable via specially crafted ASF file that has to provided as input. This vulnerability appears to...

CVE-2018-14044

SoundTouch library is vulnerable to reachable assertion in RateTransposer::setChannels function that can cause denial of service to applications using this library for processing the untrusted file input...

Denial Of Service (DoS)

libjasper.so is vulnerable to denial of service DoS attacks. A malicious user can pass a file to the calcstepsizes function in jpcdec.c to cause an assertion failure that can crash the application...

Denial Of Service (DoS)

libexiv2.so is vulnerable to denial of service DoS attacks. A malicious user can crash the applicaiton by passing a file to the tEXtToDataBuf function in pngimage.cpp...

Buffer overflow

WPLSoft in Delta Electronics versions 2.45.0 and prior utilizes a fixed length stack buffer where a value larger than the buffer can be read from a file into the buffer, causing the buffer to be overwritten, which may allow remote code execution or cause the application to crash...

Arbitrary File Write Vulnerability in CoverCMS v1.1.7

Shanghai Raging Wolf Network Technology Co., Ltd. is committed to the development of mobile Internet and enterprise website, e-commerce website. Arbitrary file writing vulnerability exists in CoverCMS v1.1.7, due to the product has not filtered the file name and content of the file to be written,...

DEBIAN-CVE-2018-1000097

Sharutils sharutils unshar command version 4.15.2 contains a Buffer Overflow vulnerability in Affected component on the file unshar.c at line 75, function lookslikeccode. Failure to perform checking of the buffer containing input line. that can result in Could lead to code execution. This attack...

Delta Electronics WPLSoft Heap Buffer Overflow Vulnerability

WPLSoft Delta PLC Programming Software is a PLC program programming software launched by Delta Electronics for use in the WINDOWS operating system environment. A heap buffer overflow vulnerability exists in Delta Electronics WPLSoft, where the application uses a fixed-length heap buffer, where a...

CVE-2017-17503

ReadGRAYImage in coders/gray.c in GraphicsMagick 1.3.26 has a magick/import.c ImportGrayQuantumType heap-based buffer over-read via a crafted file...

XnView Classic for Windows Denial of Service Vulnerability (CNVD-2017-32589)

XnView Classic for Windows is an image viewing software for Windows developed by French software developer Gougelet Pierre-Emmanuel. The software can be used to view, convert, organize and edit graphic and video files. A security vulnerability exists in version 2.40 of XnView Classic for Windows...

Tulpar - Web Vulnerability Scanner

Tulpar is a open source web vulnerability scanner for written to make web penetration testing automated. Features Sql Injection GET Method XSS GET Method Crawl E-mail Disclosure Credit Card Disclosure Whois Command Injection GET Method Directory Traversal GET Method File Include GET Method Server...

CVE-2016-4333

The HDF5 1.8.16 library allocating space for the array using a value from the file has an impact within the loop for initializing said array allowing a value within the file to modify the loop's terminator. Due to this, an aggressor can cause the loop's index to point outside the bounds of the...

CERT Basic Fuzzing Framework: BFF

CERT Basic Fuzzing Framework The CERT Basic Fuzzing Framework BFF is a software testing tool that finds defects in applications that run on the Linux and Mac OS X platforms. BFF performs mutational fuzzing on software that consumes file input. Mutational fuzzing is the act of taking well-formed...

Just-Metadata - Tool that Gathers and Analyzes Metadata about IP Addresses

Just-Metadata is a tool that can be used to gather intelligence information passively about a large number of IP addresses, and attempt to extrapolate relationships that might not otherwise be seen. Just-Metadata has "gather" modules which are used to gather metadata about IPs loaded into the...

openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2013:0946-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SuSE Update for MozillaFirefox openSUSE-SU-2013:0825-1 (MozillaFirefox)

Check for the Version of MozillaFirefox OpenVAS Vulnerability Test $Id: gbsuse201308251.nasl 8456 2018-01-18 06:58:40Z teissa $ SuSE Update for MozillaFirefox openSUSE-SU-2013:0825-1 MozillaFirefox Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH,...

openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2013:0825-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MozillaFirefox: update to version 21.0 (important)

MozillaFirefox was updated to Firefox 21.0 bnc819204 MFSA 2013-41/CVE-2013-0801/CVE-2013-1669 Miscellaneous memory safety hazards MFSA 2013-42/CVE-2013-1670 bmo853709 Privileged access for content level constructor MFSA 2013-43/CVE-2013-1671 bmo842255 File input control has access to full path MF...

Ubuntu: Security Advisory (USN-1822-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...