1307 matches found
SUSE CVE-2016-3158
The xrstor function in arch/x86/xstate.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits. NOT...
SUSE CVE-2016-3159
The fpufxrstor function in arch/x86/i387.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits...
SUSE CVE-2016-7170
The vmsvgafiforun function in hw/display/vmwarevga.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service out-of-bounds write and QEMU process crash via vectors related to cursor.mask and cursor.image array sizes when processing a DEFINECURSOR svga command...
SUSE CVE-2017-3073
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when handling multiple mask properties of display objects, aka memory corruption. Successful exploitation could lead to arbitrary code execution...
SUSE CVE-2017-3081
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability during internal computation caused by multiple display object mask manipulations. Successful exploitation could lead to arbitrary code execution...
SUSE CVE-2017-5406
A segmentation fault can occur in the Skia graphics library during some canvas operations due to issues with mask/clip intersection and empty masks. This vulnerability affects Firefox 52 and Thunderbird 52...
SUSE CVE-2018-4190
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote...
SUSE CVE-2018-5174
In the Windows 10 April 2018 Update, Windows Defender SmartScreen honors the "SEEMASKFLAGNOUI" flag associated with downloaded files and will not show any UI. Files that are unknown and potentially dangerous will be allowed to run because SmartScreen will not prompt the user for a decision, and i...
SUSE CVE-2018-5685
In GraphicsMagick 1.3.27, there is an infinite loop and application hang in the ReadBMPImage function coders/bmp.c. Remote attackers could leverage this vulnerability to cause a denial of service via an image file with a crafted bit-field mask value...
SUSE CVE-2018-6115
Inappropriate setting of the SEEMASKFLAGNOUI flag in file downloads in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially bypass OS malware checks via a crafted HTML page...
SUSE CVE-2018-15862
Unchecked NULL pointer usage in LookupModMask in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash NULL pointer dereference the xkbcommon parser by supplying a crafted keymap file with invalid virtual modifiers...
SUSE CVE-2022-0137
A heap buffer overflow in imagesetmask function of HTMLDOC before 1.9.15 allows an attacker to write outside the buffer boundaries...
CVE-2021-36432
SQL injection vulnerability in jocms 0.8 allows remote attackers to run arbitrary SQL commands and view sentivie information via josetmask function in jocms/apps/mask/mask.php...
CVE-2021-36433
SQL injection vulnerability in jocms 0.8 allows remote attackers to run arbitrary SQL commands and view sentivie information via jodeletemask function in jocms/apps/mask/mask.php...
jocms SQL注入漏洞
jocms is mxgbr individual developers an easy to edit simple CMS. A security vulnerability exists in jocms version 0.8, which is caused by SQL injection, and can be exploited by remote attackers to run arbitrary SQL commands and view sensitive information via the josetmask function in...
D-Link DIR-878 操作系统命令注入漏洞
The D-Link DIR-878 is a wireless router from China-based AUO D-Link. The D-Link DIR-878 DIR878FW1.30B08 firmware version suffers from an operating system command injection vulnerability that stems from its /SetNetworkSettings/SubnetMask component that allows attackers to achieve command injection...
PT-2025-38050
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to inter-processor interrupts IPIs. Specifically, a NULL pointer dereference can occur in the irq data get affinity mask function when ipi send...
WordPress plugin Better Messages 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
Moderate: dhcp security and enhancement update
The Dynamic Host Configuration Protocol DHCP is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to...
UBUNTU-CVE-2022-0137
A heap buffer overflow in imagesetmask function of HTMLDOC before 1.9.15 allows an attacker to write outside the buffer boundaries...