3048 matches found
CVE-2017-8341
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Content Spoofing...
Arbitrary Code Execution
glibc is vulnerable to arbitrary code execution. A local authenticated attacker could write before the destination buffer leading to a buffer underflow and potential code execution due to a confusion in the usage of getcwd by realpath. Affected is the function realpath in the library...
Memory Corruption
Firefox is vulnerable to memory corruption attacks. This occurs in the Skia library during graphic operations. An attacker could use this flaw to cause denial of service conditions...
The vulnerability of the struct library in the Lua subsystem of the Redis database management system allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
Vulnerability of the struct library in the Lua subsystem of the Redis database management system. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability of the JSON-lib library used in REST plugins of the Apache Struts software framework allows attackers to induce a service failure.
The vulnerability of the JSON-Lib library used in Apache Struts’ REST framework programming platform is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures remotely...
UBUNTU-CVE-2019-8936
NTP through 4.2.8p12 has a NULL Pointer Dereference...
PT-2019-12184 · Tibco · Tibco Spotfire Server +1
Name of the Vulnerable Software and Affected Versions: TIBCO Spotfire Analytics Platform for AWS Marketplace versions up to and including 10.2.0 TIBCO Spotfire Server versions up to and including 10.2.0 Description: The Spotfire library component contains vulnerabilities that theoretically allow ...
DEBIAN-CVE-2019-11835
cJSON before 1.7.11 allows out-of-bounds access, related to multiline comments...
com.github.oscerd:camel-cassandra (=2.23.0), com.playtika.sleuth:sleuth-camel-core (=1.0.2) +664 more potentially affected by CVE-2019-0194 via org.apache.camel:camel-core (=2.23.0)
org.apache.camel:camel-core MAVEN version =2.23.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.camel:camel-core and may be impacted: - com.github.oscerd:camel-cassandra =2.23.0 - com.playtika.sleuth:sleuth-camel-core =1.0.2 -...
Arbitrary Code Execution
java-1.8.0-openjdk is vulnerable to arbitrary code execution. The vulnerability exists through Libraries...
PYSEC-2019-205
Google TensorFlow 1.7.x and earlier is affected by a Buffer Overflow vulnerability. The type of exploitation is context-dependent...
PYSEC-2019-208
Google TensorFlow 1.7 and below is affected by: Buffer Overflow. The impact is: execute arbitrary code local...
GHSA-38FC-9XQV-7F7Q SQLAlchemy is vulnerable to SQL Injection via group_by parameter
SQLAlchemy 1.2.17 has SQL Injection when the groupby parameter can be controlled...
CVE-2019-9628
The XMLTooling library all versions prior to V3.0.4, provided with the OpenSAML and Shibboleth Service Provider software, contains an XML parsing class. Invalid data in the XML declaration causes an exception of a type that was not handled properly in the parser class and propagates an unexpected...
USN-3936-1 advancecomp vulnerability
It was discovered that AdvanceCOMP incorrectly handled certain PNG files. An attacker could possibly use this issue to execute arbitrary code...
The vulnerability of the Django library for the Python programming language, which allows attackers to compromise the integrity of protected information
The vulnerability of the Django library for the Python programming language is related to insufficient elimination of special elements in the output data used by the lower-level component. Exploiting this vulnerability can allow a malicious actor to cause service failures...
CVE-2018-4305
An input validation issue was addressed with improved input validation. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5...
CVE-2018-1936
IBM DB2 9.7, 10.1, 10.5, and 11.1 libdb2e.so.1 is vulnerable to a stack based buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. IBM X-Force ID: 153316...
Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2019-1177)
Vulnerability in the Java SE component of Oracle Java SE subcomponent: Libraries. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker...
UBUNTU-CVE-2019-10025
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nBits...