1464 matches found
IrfanView buffer overflow vulnerability (CNVD-2017-30384)
IrfanView is an image viewer developed by Irfan Skiljan, a software developer from Bosnia and Herzegovina, which supports image browsing, image editing, image format conversion, etc. The PDF plugin is one of its plug-ins, a PDF document reader. In IrfanView 4.44 32-bit with PDF plugin version 4.43 there is a buff...
CVE-2017-15261
IrfanView version 4.44 32bit with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Possible Stack Corruption starting at PDF!xmlGetGlobalState+0x0000000000057b35."...
CVE-2017-8018
EMC AppSync host plug-in versions 3.5 and below (Windows platform only) includes a denial of service (DoS) vulnerability that could potentially be exploited by malicious users to compromise the affected system...
EMC AppSync Host Plug-in Denial of Service Vulnerability
EMC AppSync is a suite of data protection software from EMC Corporation USA. The software provides simple, self-service, Service Level Agreement (SLA)-driven data protection and storage management for EMC VNX and EMC VMAX storage. Host Plug-in is one of the host plug-ins. A denial of service...
Joomla! LDAP injection leading to login authentication bypass (CVE-2017-14596) - vulnerability warning - the black bar safety net
With more than 8400 million downloads, Joomla! is now the Internet's most popular CMS. It hosts 3.3 per cent of all the world's website content and articles. The code analysis tool RIPS detected in the login controller a previously undiscovered LDAP injection...
Foscam IP Video Camera CGIProxy.fcgi SMTP Test Host Parameter Configuration Command Injection Vulnerability(CVE-2017-2841)
Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary data in the "msmtprc" configuration file resulting...
RHEL 6 : flash-plugin (RHSA-2017:2457)
An update for flash-plugin is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Discuz plug-in Bluegrass today WeChat voting rights limit and vote-brushing vulnerability with Python scripting - vulnerability warning - the black bar safety net
Two days ago a bunch of friends were canvassing for votes online, which felt like an irony in front of a programmer (I am that programmer; when you are a programmer there are always people who assume you will steal QQ accounts, attack things, repair computers....) Straight to the topic. Tools used: 1...
Struts2 yet again has a high-risk vulnerability, S2-048 - vulnerability warning - the black bar safety net
Vulnerability ID: CVE-2017-9791 Vulnerability author: icez ic3zqq.com Affected version: Struts 2.3.x Vulnerability rating: high risk Vulnerability Brief Description: When the Struts 1 plug-in in Struts 2 is enabled, an attacker may cause RCE through the use of malicious field values. These...
[SECURITY] Fedora 25 Update: bind-dyndb-ldap-10.1-2.fc25
This package provides an LDAP back-end plug-in for BIND. It features support for dynamic updates and internal caching, to lift the load off of your LDAP server...
GLSA-201707-01 : IcedTea: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201707-01 IcedTea: Multiple vulnerabilities Multiple vulnerabilities have been discovered in IcedTea. Please review the CVE identifiers referenced below for details. Note: If the web browser plug-in provided by the...
IrfanView FPX plugin buffer overflow vulnerability (CNVD-2017-15691)
IrfanView is an image viewer developed by Irfan Skiljan, a software developer from Bosnia and Herzegovina, which supports image browsing, image editing, image format conversion, etc. FPX Plugin is one of the programmable interface extensions. A buffer overflow vulnerability exists in IrfanView...
CVE-2017-10730
IrfanView version 4.44 32bit allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at FORMATS!GetPlugInInfo+0x0000000000007d96."...
CVE-2017-10731
IrfanView version 4.44 32bit allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at FORMATS!GetPlugInInfo+0x0000000000007d80."...
IcedTea: Multiple vulnerabilities
Background IcedTea’s aim is to provide OpenJDK in a form suitable for easy configuration, compilation and distribution with the primary goal of allowing inclusion in GNU/Linux distributions. Description Multiple vulnerabilities have been discovered in IcedTea. Please review the CVE identifiers...
Atlassian Hipchat Server Remote Code Execution Vulnerability
Atlassian JIRA is a defect tracking management system from Atlassian Australia, which is used to track and manage all kinds of issues and defects in the workplace. HipChat is one of the plug-ins that provides group chat, file sharing, video chat and screen sharing features. A remote code execution...
CVE-2017-8098
e107 2.1.4 is vulnerable to cross-site request forgery in plugin-installing, meta-changing, and settings-changing. A malicious web page can use forged requests to make e107 download and install a plug-in provided by the attacker...
MySQL 5.7.x < 5.7.18 Multiple Vulnerabilities (April 2017 CPU) (July 2017 CPU)
The version of MySQL running on the remote host is 5.7.x prior to 5.7.18. It is, therefore, affected by multiple vulnerabilities : - A carry propagation error exists in the OpenSSL component in the Broadwell-specific Montgomery multiplication procedure when handling input lengths divisible by but...
Design/Logic Flaw
The scm plug-in in mock might allow attackers to bypass the intended chroot protection mechanism and gain root privileges via a crafted spec file...