
3790 matches found

The Hacker News
added 2018/07/27 8:31 a.m. | 784 views

NetSpectre — New Remote Spectre Attack Steals Data Over the Network

A team of security researchers has discovered a new Spectre attack that can be launched over the network, unlike all other Spectre variants that require some form of local code execution on the target system. Dubbed "NetSpectre," the new remote side-channel attack, which is related to Spectre...

CVSS 5.6 | AI score 2.5 | EPSS 0.93838
Exploits: 9
NVD
added 2018/07/18 1:29 p.m. | 26 views

CVE-2018-2900

Vulnerability in the BI Publisher component of Oracle Fusion Middleware subcomponent: Layout Tools. The supported version that is affected is 11.1.1.7.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise BI Publisher. Successful attacks of...

CVSS 8.2 | AI score 7.2 | EPSS 0.02051
Exploits: 0 | References: 3
OSV
added 2018/07/18 1:29 p.m. | 2 views

CVE-2018-2900

Vulnerability in the BI Publisher component of Oracle Fusion Middleware subcomponent: Layout Tools. The supported version that is affected is 11.1.1.7.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise BI Publisher. Successful attacks of...

CVSS 8.2 | AI score 5.8 | EPSS 0.02051
Exploits: 0 | References: 3
CVE
added 2018/07/18 1:0 p.m. | 60 views

CVE-2018-2900

CVE-2018-2900 affects Oracle BI Publisher (Layout Tools) within Oracle Fusion Middleware. Affected: BI Publisher component, 11.1.1.7.x prior to 11.1.1.7.180717 or 11.1.1.9.x prior to 11.1.1.9.180717 (and related versions per the July 2018 CPU advisory). Affected configuration allows unauthenticat...

CVSS 8.2 | AI score 7 | EPSS 0.02051
Exploits: 0 | References: 3 | Affected Software: 1
OSV
added 2018/07/13 2:29 a.m. | 1 view

DEBIAN-CVE-2018-14033

An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_layout_decode in H5Olayout.c, related to HDmemcpy...

CVSS 8.8 | AI score 9.3 | EPSS 0.01561
Exploits: 0 | References: 1
CNVD
added 2018/07/13 12:0 a.m. | 1 view

HDF5 Buffer Overflow Vulnerability (CNVD-2019-03453)

HDF5 is a free suite of tools for managing the storage of different types of data that can be managed, manipulated, viewed, analyzed, and generated in portable formats. A heap buffer overflow vulnerability exists in the 'H5O_layout_decode' function of the H5Olayout.c file in HDF5 version 1.8.20,...

CVSS 8.8 | AI score 9.3 | EPSS 0.01561
Exploits: 0 | References: 1
Fedora
added 2018/07/06 3:46 p.m. | 34 views

[SECURITY] Fedora 27 Update: cantata-2.3.1-1.fc27

Cantata is a graphical client for the music player daemon MPD. Features: Multiple MPD collections. Highly customisable layout. Songs grouped by album in play queue. Context view to show artist, album, and song information of current track. Simple tag editor. File organizer - use tags to organize...

CVSS 9.8 | AI score 0.4 | EPSS 0.02068
Exploits: 0
CNVD
added 2018/07/03 12:0 a.m. | 1 view

Unspecified vulnerability in tinyexr

tinyexr is a small OpenEXR image load/save library. A security vulnerability exists in the ComputeChannelLayout of the tinyexr.h file in version 0.9.5 of tinyexr. No details of the vulnerability are provided at this time...

CVSS 7.5 | AI score 7.5 | EPSS 0.01584
Exploits: 0 | References: 1
Openbugbounty
added 2018/06/23 10:59 p.m. | 11 views

nl.beta-layout.com XSS vulnerability

Open Bug Bounty ID: OBB-635865

Description | Value
---|---
Affected Website: | nl.beta-layout.com
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

Exploits: 0
Openbugbounty
added 2018/06/14 5:29 p.m. | 11 views

de.beta-layout.com XSS vulnerability

Open Bug Bounty ID: OBB-632398

Description | Value
---|---
Affected Website: | de.beta-layout.com
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

Exploits: 0
OSV
added 2018/06/11 9:29 p.m. | 2 views

DEBIAN-CVE-2018-5155

A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.8, Thunderbird ESR 52.8, Firefox 60, and Firefox ESR 52.8...

CVSS 9.8 | AI score 9.5 | EPSS 0.03493
Exploits: 0 | References: 1
OSV
added 2018/06/11 9:29 p.m. | 1 view

DEBIAN-CVE-2017-7828

A use-after-free vulnerability can occur when flushing and resizing layout because the "PressShell" object has been freed while still in use. This results in a potentially exploitable crash during these operations. This vulnerability affects Firefox 57, Firefox ESR 52.5, and Thunderbird 52.5...

CVSS 9.8 | AI score 9.1 | EPSS 0.07439
Exploits: 0 | References: 1
OSV
added 2018/06/11 9:29 p.m. | 2 views

DEBIAN-CVE-2017-7801

A use-after-free vulnerability can occur while re-computing layout for a "marquee" element during window resizing where the updated style object is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox...

CVSS 9.8 | AI score 9.3 | EPSS 0.02677
Exploits: 1 | References: 1
OSV
added 2018/06/11 9:29 p.m. | 4 views

CVE-2017-5472

A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists. This results in a potentially exploitable crash. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird...

CVSS 9.8 | AI score 8
Exploits: 0 | References: 10
OSV
added 2018/06/11 9:29 p.m. | 2 views

DEBIAN-CVE-2017-5472

A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists. This results in a potentially exploitable crash. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird...

CVSS 9.8 | AI score 9.1 | EPSS 0.02665
Exploits: 0 | References: 1
NVD
added 2018/06/11 9:29 p.m. | 14 views

CVE-2017-5449

A possibly exploitable crash triggered during layout and manipulation of bidirectional unicode text in concert with CSS animations. This vulnerability affects Thunderbird 52.1, Firefox ESR 52.1, and Firefox 53...

CVSS 7.5 | AI score 8.1 | EPSS 0.0262
Exploits: 0 | References: 9
OSV
added 2018/06/11 9:29 p.m. | 1 view

DEBIAN-CVE-2017-5447

An out-of-bounds read during the processing of glyph widths during text layout. This results in a potentially exploitable crash and could allow an attacker to read otherwise inaccessible memory. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...

CVSS 9.1 | AI score 8.8 | EPSS 0.17663
Exploits: 4 | References: 1
NVD
added 2018/06/11 9:29 p.m. | 14 views

CVE-2017-5413

A segmentation fault can occur during some bidirectional layout operations. This vulnerability affects Firefox 52 and Thunderbird 52...

CVSS 9.8 | AI score 8.8 | EPSS 0.01893
Exploits: 1 | References: 5
OSV
added 2018/06/11 9:29 p.m. | 1 view

CVE-2017-5413

A segmentation fault can occur during some bidirectional layout operations. This vulnerability affects Firefox 52 and Thunderbird 52...

CVSS 9.8 | AI score 7.3 | EPSS 0.01893
Exploits: 1 | References: 5
OSV
added 2018/06/11 9:29 p.m. | 1 view

DEBIAN-CVE-2017-5375

JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...

CVSS 9.8 | AI score 8.8 | EPSS 0.33434
Exploits: 13 | References: 1