165 matches found
CVE-2019-19926
multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880...
DEBIAN-CVE-2019-19926
multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880...
Code injection
multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880...
UBUNTU-CVE-2019-19926
multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880...
CVE-2019-19926
multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880...
Cross site scripting
Some unicode characters are incorrectly treated as whitespace during the parsing of web content instead of triggering parsing errors. This allows malicious code to then be processed, evading cross-site scripting XSS filtering. This vulnerability affects Firefox 68...
CVE-2019-11720
Some unicode characters are incorrectly treated as whitespace during the parsing of web content instead of triggering parsing errors. This allows malicious code to then be processed, evading cross-site scripting XSS filtering. This vulnerability affects Firefox 68...
CVE-2019-11720
Some unicode characters are incorrectly treated as whitespace during the parsing of web content instead of triggering parsing errors. This allows malicious code to then be processed, evading cross-site scripting XSS filtering. This vulnerability affects Firefox 68...
The vulnerability of the pom.xml components and FilterScript.java plugin of the Jenkins Matrix Project allows a perpetrator to execute arbitrary code.
The vulnerability of the pom.xml components and FilterScript.java src/main/java/hudson/matrix/FilterScript.java of the Matrix Project plugin is related to errors in processing input data during syntax analysis of the code. Exploiting this vulnerability can allow a malicious actor to exit the...
The vulnerability of the Network-Based Application Recognition technology implementation in Cisco IOS and Cisco IOS XE operating systems allows attackers to trigger a service failure.
The vulnerability of the Network-Based Application Recognition technology in Cisco IOS and Cisco IOS XE operating systems exists due to errors in syntactic analysis of DNS packets. Exploiting this vulnerability allows a malicious actor, who has not undergone authentication checks, to trigger a...
The vulnerability of the ISDN function implementations in Cisco IOS and Cisco IOS XE operating systems allows a intruder to trigger a service failure.
The vulnerability of ISDN operating system functions in Cisco IOS and Cisco IOS XE exists due to errors in processing certain values in the Q.931 elements. Exploiting this vulnerability can allow an attacker to trigger a device reboot, resulting in service failure...
PT-2019-2301 · Jenkins · Jenkins Matrix Project Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Matrix Project Plugin versions 1.13 and earlier Description: A sandbox bypass issue exists, related to errors in input data processing during code parsing in components such as pom.xml and FilterScript.java. This allows attackers with...
Vulnerability Spotlight: Multiple remote vulnerabilities in TP-Link TL-R600VPN
Vulnerabilities discovered by Carl Hurd and Jared Rittle of Cisco Talos. Cisco Talos is disclosing multiple vulnerabilities in the TP-Link TL-R600VPN router. TP-Link produces a number of different types of small and home office SOHO routers. Talos discovered several bugs in this particular router...
Protobuf-Inspector - Tool To Reverse-Engineer Protocol Buffers With Unknown Definition
Simple program that can parse Google Protobuf encoded blobs version 2 or 3 without knowing their accompanying definition. It will print a nice, colored representation of their contents. Example: As you can see, the field names are obviously lost, together with some high-level details such as:...
The vulnerabilities in programs for viewing and editing PDF files such as Adobe Reader, Adobe Acrobat Document Cloud, Adobe Reader Document Cloud, and Adobe Acrobat allow attackers to breach the confidentiality of information.
The vulnerabilities of PDF viewing and editing programs such as Adobe Reader, Adobe Acrobat Document Cloud, Adobe Reader Document Cloud, and Adobe Acrobat are related to reading beyond the buffer limit and memory leaks resulting from parsing segment APP13 into JPEG files. Exploiting these...
FreeBSD : libxml2 -- multiple vulnerabilities (e5423caf-8fb8-11e5-918c-bcaec565249c)
reports : CVE-2015-5312 Another entity expansion issue David Drysdale. CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey David Drysdale. CVE-2015-7498 Avoid processing entities after encoding conversion failures Daniel Veillard. CVE-2015-7499 1 Add xmlHaltParser to stop the...
Memory Corruption Vulnerability in Ashampoo Photo Commander's Handling of ICO Images
Ashampoo Photo Commander Free is a photo management software from Germany. Ashampoo Photo Commander handles ICO images with logical errors that allow attackers to exploit vulnerabilities to parse malformed programs and cause the application to crash...
[USN-2435-1] Graphviz vulnerability
========================================================================== Ubuntu Security Notice USN-2435-1 December 09, 2014 graphviz vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
USN-2435-1: Graphviz vulnerability
It was discovered that graphviz incorrectly handled parsing errors. An attacker could use this issue to cause graphviz to crash or possibly execute arbitrary code...
USN-2435-1 graphviz vulnerability
It was discovered that graphviz incorrectly handled parsing errors. An attacker could use this issue to cause graphviz to crash or possibly execute arbitrary code...