Lucene search
+L

173 matches found

OSV
OSV
added 2017/05/12 8:29 p.m.5 views

UBUNTU-CVE-2017-8923

The zendstringextend function in Zend/zendstring.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact by leveraging a script's use ...

9.8CVSS6.8AI score0.07191EPSS
Exploits1References5
Debian
Debian
added 2016/01/23 10:33 p.m.18 views

[SECURITY] [DLA 399-1] foomatic-filters security update

Package : foomatic-filters Version : 4.0.5-6+squeeze2+deb6u13 CVE ID : not yet assigned cups-filters contains multiple buffer overflows caused by lack of size checks when copying from environment variables to local buffers strcpy as well on string concatenation operations strcat...

7.3AI score
Exploits0
OpenVAS
OpenVAS
added 2015/12/16 12:0 a.m.22 views

Amazon Linux: Security Advisory (ALAS-2015-630)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS9.2AI score0.06664EPSS
Exploits0References2
OSV
OSV
added 2015/11/26 8:47 p.m.4 views

MGASA-2015-0456 Updated python-pygments packages fix security vulnerability

An unsafe use of string concatenation in a shell string occurs in FontManager. If the developer allows the attacker to choose the font and outputs an image, the attacker can execute any shell command on the remote system. The name variable injected comes from the constructor of FontManager, which...

7.3AI score
Exploits0References3
Mageia
Mageia
added 2015/11/26 8:47 p.m.21 views

Updated python-pygments packages fix security vulnerability

An unsafe use of string concatenation in a shell string occurs in FontManager. If the developer allows the attacker to choose the font and outputs an image, the attacker can execute any shell command on the remote system. The name variable injected comes from the constructor of FontManager, which...

5.2AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/01/15 12:0 a.m.34 views

Mozilla Firefox 17.x <= 17 Multiple Vulnerabilities

Binary data 801345.prm...

10CVSS9.2AI score0.73364EPSS
Exploits28References47
RedHat Linux
RedHat Linux
added 2013/01/08 9:28 p.m.5 views

Mozilla: Buffer overflow in Javascript string concatenation (MFSA 2013-12)

Integer overflow in the JavaScript implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary...

9.3CVSS8.2AI score0.0633EPSS
Exploits0References5
Packet Storm
Packet Storm
added 2012/08/12 12:0 a.m.33 views

NeoInvoice Blind SQL Injection

NeoInvoice is a multi-tenant open source invoicing system, that currently contains an unauthenticated blind SQL injection condition in signupcheck.php. The input for the value field isn't being properly sanitized, and is used in string concatenation to create the SQL query. See here for the...

7.5CVSS0.3AI score0.01199EPSS
Exploits2
NVD
NVD
added 2010/05/20 5:30 p.m.29 views

CVE-2010-1987

Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service memory consumption, out-of-bounds read, and application crash via JavaScript code that appends long strings to the content of a P element, and performs certain other string concatenation and substring...

5CVSS6.6AI score0.01515EPSS
Exploits2References6
ATTACKERKB
ATTACKERKB
added 2010/05/20 5:30 p.m.3 views

CVE-2010-1987

Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service memory consumption, out-of-bounds read, and application crash via JavaScript code that appends long strings to the content of a P element, and performs certain other string concatenation and substring...

10CVSS5.7AI score0.06392EPSS
Exploits4References7
Prion
Prion
added 2010/05/20 5:30 p.m.25 views

Null pointer dereference

Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service NULL pointer dereference and application crash or possibly execute arbitrary code via JavaScript code that performs certain string concatenation and substring operations, a different vulnerability than...

10CVSS8.1AI score0.06423EPSS
Exploits4References6Affected Software1
Cvelist
Cvelist
added 2010/05/20 5:0 p.m.39 views

CVE-2010-1988

Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service NULL pointer dereference and application crash or possibly execute arbitrary code via JavaScript code that performs certain string concatenation and substring operations, a different vulnerability than...

10AI score0.06423EPSS
Exploits2References6
exploitpack
exploitpack
added 2008/07/14 12:0 a.m.15 views

Microsoft Internet Explorer 6 - New ActiveX Object String Concatenation Memory Corruption

Microsoft Internet Explorer 6 - New ActiveX Object String Concatenation Memory Corruption source: https://www.securityfocus.com/bid/30219/info Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Remote attackers can exploit this issue to crash the affected applicatio...

0.2AI score
Exploits0
Rows per page
Query Builder