147 matches found
EUVD-2018-14240
Malware in sbrugna...
EUVD-2018-14275
Malware in sbrugna...
EUVD-2018-14249
Malware in sbrugna...
EUVD-2018-14293
Malware in sbrugna...
EUVD-2018-14276
Malware in sbrugna...
EUVD-2018-14244
Malware in sbrugna...
EUVD-2018-14246
Malware in sbrugna...
xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer overflow in X Record extension
A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks...
VulnCheck KEV: CVE-2018-2392
Under certain conditions SAP Internet Graphics Server IGS 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML External Entity appropriately causing the SAP Internet Graphics Server IGS to become unavailable...
CVE-2005-1691
Directory traversal vulnerability in Internet Graphics Server in SAP before 6.40 Patch 11 allows remote attackers to read arbitrary files via ".." sequences in an HTTP GET request...
xorg: xwayland: Out-of-bounds write in CreatePointerBarrierClient()
An out-of-bounds write flaw was found in X.Org and Xwayland. The function GetBarrierDevice searches for the pointer device based on its device ID and returns the matching value, or supposedly NULL, if no match was found. However, the code will return the last element of the list if no matching...
AZL-57414 CVE-2025-26596 affecting package xorg-x11-server-Xwayland for versions less than 24.1.6-1
A heap overflow flaw was found in X.Org and Xwayland. The computation of the length in XkbSizeKeySyms differs from what is written in XkbWriteKeySyms, which may lead to a heap-based buffer overflow...
SAP Internet Graphics Server (IGS) XMLCHART XXE
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SAP Internet Graphics Server IGS XMLCHART XXE', 'Description' = %q This module exploits CVE-2018-2392 and CVE-2018-2393, two XXE vulnerabilities...
AZL-35354 CVE-2024-0408 affecting package xorg-x11-server for versions less than 1.20.10-5
A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource as with a GetGeometry or when it creates another resource that needs to access that buffer, such as...
SUSE CVE-2015-1802
The bdfReadProperties function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 allows remote authenticated users to cause a denial of service out-of-bounds write and crash or possibly execute arbitrary code via a 1 negative or 2 large property count in a BDF font file...
SAP Internet Graphics Server 缓冲区错误漏洞
SAP Internet Graphics Service is a component of the SAP R/3 enterprise environment that provides graphics services. A memory corruption vulnerability exists in SAP Internet Graphics Service, which can be exploited by an unauthenticated attacker to cause a system crash by submitting a malicious IG...
SAP Internet Graphics Server 缓冲区错误漏洞
SAP Internet Graphics Service is a component of the SAP R/3 enterprise environment that provides graphics services. A memory corruption vulnerability exists in SAP Internet Graphics Service, which can be exploited by an unauthenticated attacker to cause a system crash by submitting a malicious IG...
Metasploit Wrap-Up
SAP Internet Graphics Server IGS This week includes a new module targeting the SAP Internet Graphics Server application, contributed by community member Vladimir Ivanov. This particular module covers two CVEs that are both XML External Entity XXE bugs that are remotely exploitable. The module com...
CVE-2020-0357
In SurfaceFlinger, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the graphics server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:...
CVE-2020-0357
In SurfaceFlinger, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the graphics server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:...