124 matches found
CVE-2022-21542
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime. Supported versions that are affected are 9.2.6.3 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne...
The vulnerability of the CGM_NIST_Loader.dll library, a tool for 3D JT and JT2Go viewing, as well as the Teamcenter Visualization lifecycle management system, allows attackers to execute arbitrary code.
The vulnerability of the CGMNISTLoader.dll library, used by the 3D JT and JT2Go visualization tools, as well as the Teamcenter Visualization lifecycle management system, stems from the use of an uninitialized pointer during syntax analysis of CGM files. Exploiting this vulnerability allows...
PT-2022-18311
Name of the Vulnerable Software and Affected Versions Galleon NTS-6002-GPS version 4.14.103-Galleon-NTS-6002.V12 4 Description An issue was discovered in the Network Tools section of the web-management interface, allowing an authenticated attacker to perform command injection as root via shell...
The vulnerability of the F2fs-Tools tool, related to the ability to disclose information, allows a violator to gain access to confidential information.
The vulnerability of the F2fs-Tools tool is related to the exposure of confidential information. Exploiting this vulnerability could allow an attacker to gain access to confidential information through a specially created file system called f2fs...
Ubuntu 20.04 LTS : Squashfs-Tools vulnerability (USN-5078-3)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5078-3 advisory. USN-5078-1 fixed a vulnerability in Squashfs-Tools. That update was incomplete and could still result in Squashfs-Tools mishandling certain malformed SQUASHFS...
Out-of-Bounds Read
apk-tools is vulnerable to out-of-bound read. The vulnerability exists due to insufficient sanity checks on tar entries...
Information Disclosure
f2fs-tools is vulnerable to information disclosure. The vulnerability exists through the initnodemanager functionality where a crafted filesystem can be used to disclose information...
CVE-2020-14847
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Query. Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise...
The vulnerability of Google Chrome browser developer tools lies in improper control of access to critical resources, allowing attackers to gain unauthorized access.
The vulnerability of Google Chrome browser developer tools is related to improper control over access to critical resources. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain unauthorized access to information through a specially created HTML page...
Unspecified Vulnerability in Oracle JD Edwards EnterpriseOne Tools (CNVD-2018-19477)
Oracle JD Edwards Products is a fully integrated suite of Enterprise Resource Planning ERP applications from Oracle, providing financial management, project management, and asset lifecycle management applications.JD Edwards EnterpriseOne Tools is one of the tool components. A security vulnerabili...
The vulnerability of the aiff_open function (oggenc/audio.c) in the vorbis-tools package allows a hacker to cause a service failure.
The vulnerability of the aiffopen function oggenc/audio.c in the vorbis-tools package arises from operations that occur outside of the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to cause service interruptions by using a specially created AIFF file...
CVE-2017-1371
Builder tools running in the IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 contains a vulnerability that could allow an authenticated user to execute Builder tool actions they do not have access to. IBM X-Force ID: 126864...
tpm2-tools Authentication Authorization Vulnerability
tpm2-tools is a toolkit for monitoring trusted platform modules in Linux. A security vulnerability exists in versions of tpm2-tools prior to 1.1.1, which stems from the program passing passwords from the client to the server in plaintext. An attacker could exploit the vulnerability to obtain...
CVE-2016-9554
The Sophos Web Appliance Remote / Secure Web Gateway server version 4.2.1.3 is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. These vulnerabilities occur in MgrDiagnosticTools.php /controllers/MgrDiagnosticTools.php, in the component responsible for...
CVE-2016-9538
tools/tiffcrop.c in libtiff 4.0.6 reads an undefined buffer in readContigStripsIntoBuffer because of a uint16 integer overflow. Reported as MSVR 35100...
The vulnerability of the CentOS operating system allows a malicious attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the xorg-x11-tools-6.8.2 package on the CentOS operating system can lead to violations of privacy, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...
The vulnerability of the Red Hat Enterprise Linux operating system, which allows a remote attacker to compromise the accessibility of protected information
The vulnerability of the avahi-tools-0.6.16 package for the Red Hat Enterprise Linux operating system can lead to a violation of the accessibility of protected information. This vulnerability can be exploited remotely...
CVE-2009-1574
racoon/isakmpfrag.c in ipsec-tools before 0.7.2 allows remote attackers to cause a denial of service crash via crafted fragmented packets without a payload, which triggers a NULL pointer dereference...
CVE-2009-1574
racoon/isakmpfrag.c in ipsec-tools before 0.7.2 allows remote attackers to cause a denial of service crash via crafted fragmented packets without a payload, which triggers a NULL pointer dereference...
CVE-2008-4996
init in initramfs-tools 0.92f allows local users to overwrite arbitrary files via a symlink attack on the /tmp/initramfs.debug temporary file. NOTE: the vendor disputes this vulnerability, stating that "init is used in a single-user context; there's no possibility that this is exploitable...