libmysofa 缓冲区错误漏洞

libmysofa is a library for reading AES SOFA files. A security vulnerability exists in libmysofa that stems from the application's susceptibility to heap-based buffer overflows...

CVE-2021-32948

An out-of-bounds write issue exists in the DWG file-reading procedure in the Drawings SDK All versions prior to 2022.4 resulting from the lack of proper validation of user-supplied data. This can result in a write past the end of an allocated buffer and allow attackers to cause a denial-of-servic...

CVE-2021-32952

An out-of-bounds write issue exists in the DGN file-reading procedure in the Drawings SDK Version 2022.4 and prior resulting from the lack of proper validation of user-supplied data. This can result in a write past the end of an allocated buffer and allow attackers to cause a denial-of-service...

Haserl Arbitrary File Reader

This module exploits haserl prior to 0.9.36 to read arbitrary files. The most widely accepted exploitation vector is reading /etc/shadow, which will reveal root's hash for cracking. Module Options msf use post/linux/gather/haserlread msf posthaserlread show actions ...actions... msf posthaserlrea...

Null Pointer Reference Vulnerability in CAJViewer

CAJviewer is a specialized full-text format reader for China Journal Network CJN, which supports TEB, NH, CAJ, KDH and PDF files of CJN. CAJViewer suffers from a null pointer reference vulnerability that can be exploited by an attacker to cause a denial of service...

libxls: Multiple vulnerabilities

Background libxls is a C library for reading Excel files in the nasty old binary OLE format, plus a command-line tool for converting XLS to CSV. Description Multiple vulnerabilities have been discovered in libxls. Please review the CVE identifiers referenced below for details. Impact A remote...

Adobe Acrobat/Reader Type Obfuscation Vulnerability (CNVD-2019-30090)

Adobe Acrobat is a PDF editing software developed by Adobe.Adobe Reader also known as Acrobat Reader is a PDF file reader developed by Adobe. A type confusion vulnerability exists in Adobe Acrobat/Reader. An attacker can exploit this vulnerability to execute arbitrary code...

Teeworlds Integer Overflow Vulnerability

Teeworlds is a free online multiplayer game. An integer overflow vulnerability exists in CDataFileReader::Open in engine/shared/datafile.cpp in Teeworlds 0.7.2, which arises from a networked system or product that does not properly compute or convert the resulting numbers, and can be exploited by...

chromium-browser: Use-after-free in FileReader

Object lifetime issue in Blink in Google Chrome prior to 72.0.3626.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page...

New Google Chrome Zero-Day Vulnerability Found Actively Exploited in the Wild

You must update your Google Chrome immediately to the latest version of the web browsing application. Security researcher Clement Lecigne of Google's Threat Analysis Group discovered and reported a high severity vulnerability in Chrome late last month that could allow remote attackers to execute...

Solaris srsexec Arbitrary File Reader

This module exploits a vulnerability in NetCommander 3.2.3 and 3.2.5. When srsexec is executed in debug -d verbose -v mode, the first line of an arbitrary file can be read due to the suid bit set. The most widely accepted exploitation vector is reading /etc/shadow, which will reveal root's hash f...

CVE-2017-17446

The MemFileReader::readavail function in DataReader.cpp in the GameMusicEmu library aka game-music-emu 0.6.1 does not ensure a non-negative size, which allows remote attackers to cause a denial of service application crash via a crafted file...

UBUNTU-CVE-2017-17446

The MemFileReader::readavail function in DataReader.cpp in the GameMusicEmu library aka game-music-emu 0.6.1 does not ensure a non-negative size, which allows remote attackers to cause a denial of service application crash via a crafted file...

PT-2017-14782 · Unknown +2 · Game-Music-Emu +2

Name of the Vulnerable Software and Affected Versions: Game Music Emu library version 0.6.1 Description: The issue is related to the Mem File Reader::read avail function in Data Reader.cpp, which does not ensure a non-negative size. This allows remote attackers to cause a denial of service,...

UBUNTU-CVE-2017-12961

There is an assertion abort in the function parseattributes in data/sys-file-reader.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service...

DEBIAN-CVE-2017-12961

There is an assertion abort in the function parseattributes in data/sys-file-reader.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service...

Linux/x86 - File Reader Shellcode (54 Bytes)

;================================================================================ ; The MIT License ; ; Copyright c ; ; Permission is hereby granted, free of charge, to any person obtaining a copy ; of this software and associated documentation files the "Software", to deal ; in the Software...

Linux/x86 - File Reader Shellcode (54 Bytes)

Linux/x86 - File Reader Shellcode 54 Bytes. Shellcode exploit for Linx86 platform ;================================================================================ ; The MIT License ; ; Copyright c ; ; Permission is hereby granted, free of charge, to any person obtaining a copy ; of this software...

firewalld security, bug fix, and enhancement update

0.4.3.2-8 - Exclude firewallctl RHBZ1374799 0.4.3.2-7 - Tolerate ipv6rpfilter fail RHBZ1285769 - Fix setrules to copy the rule before extracting the table RHBZ1373260 - Translation update RHBZ1273296 - Conflict with NetworkManager 1:1.4.0-3.el7 RHBZ1366288 0.4.3.2-6 - Do not use exit code 254 for...

MGASA-2016-0325 Updated graphicsmagick packages fix security vulnerability

A possible heap overflow of the EscapeParenthesis function CVE-2016-7447. The Utah RLE reader did not validate that header information was reasonable given the file size and so it could cause huge memory allocations and/or consume huge amounts of CPU CVE-2016-7448. The TIFF reader had a bug...