565 matches found
GHSA-HJGP-8FFR-HWWR closurecompiler downloads Resources over HTTP
Affected versions of closurecompiler insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on th...
ALPINE-CVE-2019-7572
SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMAADPCMnibble in audio/SDLwave.c...
CVE-2018-20451
The processfile function in reader.c in libdoc through 2017-10-23 has a heap-based buffer over-read that allows attackers to cause a denial of service application crash via a crafted file...
USN-3815-1 gettext vulnerability
It was discovered that gettext incorrectly handled certain messages. An attacker could possibly use this issue to execute arbitrary code...
CVE-2018-8848
Philips e-Alert Unit non-medical device, Version R2.1 and prior. The software, upon installation, sets incorrect permissions for an object that exposes it to an unintended actor...
OpenSC Infinite Recursion Vulnerability
OpenSC is a set of software tools and libraries for smart cards, focusing on smart cards with cryptographic capabilities. An infinite recursion vulnerability exists in iaseccselectfile in libopensc/card-iasecc.c in OpenSC prior to 0.19.0-rc1 when processing responses from IAS-ECC cards. An attack...
Security Bulletin: OpenSSL Heartbleed Vulnerability and Impact to Algo and OpenPages Products
Abstract The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privac...
CVE-2017-16147
shit-server is a file server. shit-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...
UBUNTU-CVE-2018-11254
An issue was discovered in PoDoFo 0.9.5. There is an Excessive Recursion in the PdfPagesTree::GetPageNode function of PdfPagesTree.cpp. Remote attackers could leverage this vulnerability to cause a denial of service through a crafted pdf file, a related issue to CVE-2017-8054...
CVE-2017-14541
XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .svg file, related to "Data from Faulting Address controls Branch Selection starting at CADImage+0x000000000001f23e."...
Verification Bypass
salt is vulnerable to verification bypasses. The library doesn't verify certificates when establishing a connection to aliyun, promox or splunk modules...
FFMpeg 3.1.2 release fixes from 360GearTeam a high-risk vulnerability-vulnerability warning-the black bar safety net
360GearTeamoriginal 3 6 0 smart scan teamsecurity researchers link a Han recent studies FFMpeg security, find the FFMpeg in decoding the swf file when there is a buffer overflow vulnerability number CVE-2 0 1 6-6 6 7 1 The. The vulnerability under certain conditions can lead to arbitrary code...
BELL-CVE-2015-8618 CVE-2015-8618 does not affect BellSoft software
Bulletin has no description...
BELL-CVE-2013-7424 CVE-2013-7424 does not affect BellSoft software
Bulletin has no description...
BELL-CVE-2015-1787 CVE-2015-1787 does not affect BellSoft software
Bulletin has no description...
BELL-CVE-2015-1421 CVE-2015-1421 does not affect BellSoft software
Bulletin has no description...
BELL-CVE-2012-0050 CVE-2012-0050 does not affect BellSoft software
Bulletin has no description...
CVE-2011-3536
Unspecified vulnerability in Oracle Solaris 10 allows local users to affect availability, related to DTrace Software Library libdtrace...
Design/Logic Flaw
Unspecified vulnerability in Oracle Solaris 10 allows local users to affect availability, related to DTrace Software Library libdtrace...
CVE-2011-3536
Unspecified vulnerability in Oracle Solaris 10 allows local users to affect availability, related to DTrace Software Library libdtrace...