PT-2026-30120

Juju is an open source application orchestration engine that enables any application operation on any infrastructure at any scale through special operators called ‘charms’. From versions 2.9 to before 2.9.56 and 3.6 to before 3.6.19, it is possible that a compromised workload machine under a Juju...

CVE-2022-49951

CVE-2022-49951 concerns the Linux kernel firmware_loader use-after-free during unregister. In firmware_upload_unregister(), device_unregister() could free fw_upload_priv via dev_release before module_put() dereferences it. The documented fix copies fw_upload_priv->module to a local variable an...

Humming Heads Defense Platform 参数注入漏洞

Humming Heads Defense Platform is a network security software from Humming Heads, Inc. A parameter injection vulnerability exists in Humming Heads Defense Platform Ver.3.9.51.x and prior versions, which stems from improper parameter delimiter neutralization, and could cause a blue screen of death...

Humming Heads Defense Platform 安全漏洞

Humming Heads Defense Platform is a network security software from Humming Heads, Inc. A security vulnerability exists in Humming Heads Defense Platform Ver.3.9.51.x and prior versions that originated from a vulnerability that allows an attacker to send a specially crafted message to modify syste...

SUSE CVE-2020-36773

Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c for txtwrite because a single character code in a PDF document can map to more than one Unicode code point e.g., for a ligature...

Artifex Software Ghostscript 缓冲区错误漏洞

Artifex Software Ghostscript is an open source parser for Postscript a page description language and programming language used in the electronics industry and desktop publishing from Artifex Software, Inc. The product can display Postscript files as well as print Postscript files on non-Postscrip...

SUSE CVE-2008-4196

Cross-site scripting XSS vulnerability in Opera before 9.52 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

SUSE CVE-2009-1234

Opera 9.64 allows remote attackers to cause a denial of service application crash via an XML document containing a long series of start-tags with no corresponding end-tags. NOTE: it was later reported that 9.52 is also affected...

SUSE CVE-2020-16297

A buffer overflow vulnerability in FloydSteinbergDitheringC in contrib/gdevbjca.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51...

SUSE CVE-2020-16298

A buffer overflow vulnerability in mjcolorcorrect in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51...

SUSE CVE-2020-16299

A Division by Zero vulnerability in bj10vprintpage in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51...

SUSE CVE-2020-16306

A null pointer dereference vulnerability in devices/gdevtsep.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. This is fixed in v9.51...

SUSE CVE-2020-16304

A buffer overflow vulnerability in imagerendercolorthresh in base/gxicolor.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to escalate privileges via a crafted eps file. This is fixed in v9.51...

SUSE CVE-2020-16303

A use-after-free vulnerability in xpsfinishimagepath in devices/vector/gdevxps.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51...

SUSE CVE-2020-17538

A buffer overflow vulnerability in GetNumSameData in contrib/lips4/gdevlips.c of Artifex Software GhostScript from v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51...

ghostscript: buffer overflow in mj_raster_cmd() in contrib/japanese/gdevmjc.c could result in a DoS

A buffer overflow vulnerability in mjrastercmd in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51...

ghostscript: buffer overflow in image_render_color_thresh() in base/gxicolor.c could result in a DoS

A buffer overflow vulnerability in imagerendercolorthresh in base/gxicolor.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to escalate privileges via a crafted eps file. This is fixed in v9.51...

ghostscript: NULL pointer dereference in devices/vector/gdevtxtw.c and psi/zbfont.c could result in a DoS

A null pointer dereference vulnerability in devices/vector/gdevtxtw.c and psi/zbfont.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. This is fixed in v9.51...

CVE-2021-22500

Cross Site Request Forgery vulnerability in Micro Focus Application Performance Management product, affecting versions 9.40, 9.50 and 9.51. The vulnerability could be exploited by attacker to trick the users into executing actions of the attacker's choosing...

Micro Focus Application Performance Management 跨站脚本漏洞

Micro Focus Application Performance Management is an application monitoring and management solution that lets you isolate any problems with all your applications - on-premise, cloud and mobile - in real time. A cross-site scripting vulnerability exists in Micro Focus Application Performance...