
252 matches found

CNVD
added 2020/12/23 12:0 a.m. · 7 views

ImageMagick Input Validation Error Vulnerability (CNVD-2021-11327)

ImageMagick is a suite of open source image processing software. The software can read, convert or write images in a variety of formats. ImageMagick suffers from a security vulnerability, which stems from IntensityCompare of /magick/quantize.c, where a call to PixelPacketIntensity returns an...

4.3 CVSS · 7.5 AI score · 0.01124 EPSS
Exploits 1 · References 1

BDU FSTEC
added 2020/12/23 12:0 a.m. · 2 views

The vulnerability of the REST API implementation of the network management system’s data center management module allows an attacker to gain access to protected information.

The vulnerability of the REST API interface of the Cisco Data Center Network Manager (DCNM) system is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to gain access to protected information remotely...

5.3 CVSS · 6.4 AI score · 0.01787 EPSS
Exploits 0 · References 3

BDU FSTEC
added 2020/12/23 12:0 a.m. · 1 views

The vulnerability of the REST API implementation of the network management system’s data center management module allows an attacker to overwrite any files on the device.

The vulnerability of the REST API interface of the Cisco Data Center Network Manager (DCNM) system is related to errors in processing input data. Exploiting this vulnerability allows an attacker to overwrite any files on the device remotely...

5.5 CVSS · 6.2 AI score · 0.00969 EPSS
Exploits 0 · References 3

OSV
added 2020/10/21 7:15 p.m. · 3 views

CVE-2020-3565

A vulnerability in the TCP Intercept functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured Access Control Policies including Geolocation and Service Policies on an affected system. The vulnerability exists because TCP...

5.8 CVSS · 5.8 AI score · 0.00927 EPSS
Exploits 0 · References 1

BDU FSTEC
added 2020/08/20 12:0 a.m. · 3 views

The vulnerability of the ASP.NET Core software platform, related to errors in request processing, allows a hacker to cause a service failure.

The vulnerability of the ASP.NET Core software platform is related to errors in request processing. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a service failure by sending specially crafted requests to the ASP.NET Core application...

7.8 CVSS · 7.2 AI score · 0.06561 EPSS
Exploits 0 · References 4 · Affected Software 4

BDU FSTEC
added 2020/08/12 12:0 a.m. · 1 views

Vulnerability of Connected User Experience and Telemetry Service functions in Microsoft Windows operating systems, allowing attackers to induce service failures.

The vulnerability of the Connected User Experience and Telemetry Service in Microsoft Windows lies in memory object processing errors. Exploiting this vulnerability can allow an attacker to cause a service failure through a specially created application...

5.5 CVSS · 6.6 AI score · 0.01214 EPSS
Exploits 0 · References 2

BDU FSTEC
added 2020/08/05 12:0 a.m. · 5 views

The vulnerability of the astra-openvpn-server administration system, related to data processing errors, allows a hacker to trigger a service failure.

The vulnerability of the astra-openvpn-server administration system is related to a data processing error. Exploiting this vulnerability could allow an attacker, operating remotely, to cause service failures by modifying the default file save path...

6.3 CVSS · 5.5 AI score
Exploits 0 · References 1 · Affected Software 1

BDU FSTEC
added 2020/08/05 12:0 a.m. · 2 views

The vulnerability of the fly-fm file manager is related to an error in data processing through drag-and-drop, which allows a malicious actor to cause a service failure.

The vulnerability of the fly-fm file manager is related to an error in data processing through the drag-and-drop method for manipulating interface elements. Exploiting this vulnerability can allow attackers to cause service failures...

4.9 CVSS · 5.5 AI score
Exploits 0 · References 1 · Affected Software 1

OSV
added 2020/07/29 12:0 a.m. · 2 views

OSV-2020-1536 Segv on unknown address in GetValueFromLinkedList

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20923
Crash type: Segv on unknown address
Crash state: GetValueFromLinkedList Magick::throwException Magick::Image::read...

7.2 AI score
Exploits 0

Positive Technologies
added 2020/07/14 12:0 a.m. · 3 views

PT-2020-3186 · Microsoft · Windows Address Book +1

Name of the Vulnerable Software and Affected Versions: Windows Address Book (affected versions not specified). Description: A remote code execution issue exists due to improper processing of vcard files by Windows Address Book (WAB). An attacker can exploit this by sending a malicious vcard file that...

9.3 CVSS · 8 AI score · 0.11536 EPSS
Exploits 0 · References 6

BDU FSTEC
added 2020/06/30 12:0 a.m. · 2 views

The vulnerability of the Windows Media Foundation component in Windows operating systems allows attackers to install programs, view, modify, delete data, or create new accounts with full user privileges.

The vulnerability of the Windows Media Foundation component in Windows operating systems is related to errors in processing objects in memory. Exploiting this vulnerability allows a malicious actor to remotely install programs, view, modify, delete data, or create new user accounts with full user...

9.3 CVSS · 7.3 AI score · 0.05928 EPSS
Exploits 0 · References 3

BDU FSTEC
added 2020/06/26 12:0 a.m. · 3 views

The vulnerability in the modules/serverdensity_device.py module of the SaltStack configuration management and remote execution system allows a perpetrator to gain unauthorized access to confidential data, cause service failures, or compromise data integrity.

The vulnerability in the modules/serverdensity_device.py module of the SaltStack configuration management and remote execution system is related to a data processing error. Exploiting this vulnerability can allow an attacker to gain unauthorized access to confidential data, cause service...

5.3 CVSS · 6.1 AI score · 0.00428 EPSS
Exploits 0 · References 5 · Affected Software 3

BDU FSTEC
added 2020/06/26 12:0 a.m. · 1 views

The vulnerability of the vclmi.dll component in the OpenOffice.org office software suite, specifically LibreOffice, relates to numerical processing errors. This vulnerability allows an attacker to gain unauthorized access to confidential data, cause service failures, or compromise data integrity.

The vulnerability of the vclmi.dll component in the OpenOffice.org suite of office programs for LibreOffice is related to numerical processing errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to confidential data, cause service failures, or compromise data...

10 CVSS · 5.4 AI score · 0.13734 EPSS
Exploits 0 · References 7 · Affected Software 4

BDU FSTEC
added 2020/06/26 12:0 a.m. · 2 views

The vulnerability of the EVP_EncodeUpdate function (crypto/evp/evp_enc.c) in the OpenSSL library, related to an error in processing a number, allows a perpetrator to trigger a service failure.

The vulnerability of the EVP_EncodeUpdate function (crypto/evp/evp_enc.c) in the OpenSSL library is related to an error in processing numbers. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

7.8 CVSS · 7 AI score · 0.27261 EPSS
Exploits 1 · References 9 · Affected Software 21

OSV
added 2020/06/03 6:15 p.m. · 2 views

CVE-2020-3225

Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities a...

8.6 CVSS · 7.3 AI score · 0.02108 EPSS
Exploits 0 · References 1

OSV
added 2020/04/16 4:15 p.m. · 2 views

CVE-2019-4762

IBM MQ 9.0 and 9.1 is vulnerable to a denial of service attack due to an error in the Channel processing function. IBM X-Force ID: 173625...

7.5 CVSS · 6.5 AI score · 0.01741 EPSS
Exploits 0 · References 2

BDU FSTEC
added 2020/04/13 12:0 a.m. · 3 views

The vulnerability of Xen hypervisors relates to the execution of loops with an unreachable exit condition, allowing a malicious actor to cause a service failure.

The vulnerability of Xen hypervisors is related to incorrect processing of bits during iterations. Exploiting this vulnerability can allow an attacker to cause a service failure...

6.5 CVSS · 6.6 AI score · 0.00378 EPSS
Exploits 0 · References 10 · Affected Software 5

BDU FSTEC
added 2020/04/13 12:0 a.m. · 3 views

The vulnerability of the sqlite3ExprCodeTarget function in the SQLite database management system, related to the assignment of the null pointer, allows an attacker to cause a service failure.

The vulnerability of the sqlite3ExprCodeTarget function in the SQLite database management system is related to a column processing error in y.pTab. Exploiting this vulnerability can allow an attacker to cause service interruptions remotely...

7.1 CVSS · 6.8 AI score · 0.02538 EPSS
Exploits 0 · References 11 · Affected Software 6

BDU FSTEC
added 2020/03/25 12:0 a.m. · 3 views

The vulnerability of the Windows Network List Service on Windows operating systems allows a perpetrator to escalate their privileges.

The vulnerability of the Windows Network List Service on Windows operating systems is related to errors in processing objects in memory. Exploiting this vulnerability can allow an attacker to increase their privileges through a specially created application...

7.8 CVSS · 7.1 AI score · 0.00795 EPSS
Exploits 0 · References 2

BDU FSTEC
added 2020/02/27 12:0 a.m. · 2 views

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to bypass security restrictions.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to data processing errors. Exploiting this vulnerability can allow a malicious actor to bypass security restrictions remotely...

6.5 CVSS · 7 AI score · 0.01573 EPSS
Exploits 0 · References 6 · Affected Software 2