550 matches found
CVE-2019-1120
A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123, CVE-2019-1124,...
UBUNTU-CVE-2019-13110
A CiffDirectory::readDirectory integer overflow and out-of-bounds read in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted CRW image file...
USN-4000-1 corosync vulnerability
It was discovered that Corosync incorrectly handled certain requests. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...
UBUNTU-CVE-2019-9819
A vulnerability where a JavaScript compartment mismatch can occur while working with the fetch API, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7, Firefox 67, and Firefox ESR 60.7...
BELL-CVE-2018-20509 CVE-2018-20509 does not affect BellSoft software
Bulletin has no description...
GHSA-HJGP-8FFR-HWWR closurecompiler downloads Resources over HTTP
Affected versions of closurecompiler insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on th...
ALPINE-CVE-2019-7572
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c...
CVE-2018-20451
The process_file function in reader.c in libdoc through 2017-10-23 has a heap-based buffer over-read that allows attackers to cause a denial of service (application crash) via a crafted file...
USN-3815-1 gettext vulnerability
It was discovered that gettext incorrectly handled certain messages. An attacker could possibly use this issue to execute arbitrary code...
CVE-2018-8848
Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software, upon installation, sets incorrect permissions for an object that exposes it to an unintended actor...
OpenSC Infinite Recursion Vulnerability
OpenSC is a set of software tools and libraries for smart cards, focusing on smart cards with cryptographic capabilities. An infinite recursion vulnerability exists in iasecc_select_file in libopensc/card-iasecc.c in OpenSC prior to 0.19.0-rc1 when processing responses from IAS-ECC cards. An attack...
Security Bulletin: OpenSSL Heartbleed Vulnerability and Impact to Algo and OpenPages Products
Abstract The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privac...
CVE-2017-16147
shit-server is a file server. shit-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...
UBUNTU-CVE-2018-11254
An issue was discovered in PoDoFo 0.9.5. There is an Excessive Recursion in the PdfPagesTree::GetPageNode function of PdfPagesTree.cpp. Remote attackers could leverage this vulnerability to cause a denial of service through a crafted pdf file, a related issue to CVE-2017-8054...
CVE-2017-14541
XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .svg file, related to "Data from Faulting Address controls Branch Selection starting at CADImage+0x000000000001f23e."...
Verification Bypass
salt is vulnerable to verification bypasses. The library doesn't verify certificates when establishing a connection to aliyun, proxmox or splunk modules...
FFMpeg 3.1.2 release fixes a high-risk vulnerability from 360GearTeam - vulnerability warning - the black bar safety net
360GearTeam (original 360 smart scan team) security researcher link a Han, in recent studies of FFMpeg security, found a buffer overflow vulnerability in FFMpeg when decoding SWF files, number CVE-2016-6671. The vulnerability under certain conditions can lead to arbitrary code...
BELL-CVE-2015-8618 CVE-2015-8618 does not affect BellSoft software
Bulletin has no description...
BELL-CVE-2013-7424 CVE-2013-7424 does not affect BellSoft software
Bulletin has no description...
BELL-CVE-2015-1787 CVE-2015-1787 does not affect BellSoft software
Bulletin has no description...