openjpeg: heap-based buffer overflow in pj_t1_clbl_decode_processor in openjp2/t1.c

A heap-based buffer overflow flaw was found in the opjt1clbldecodeprocessor in openjpeg2. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

python-pillow: out-of-bounds write in expandrow in libImaging/SgiRleDecode.c

An out-of-bounds write flaw was discovered in python-pillow in the way SGI RLE images are decoded. An application that uses python-pillow to decode untrusted images may be vulnerable to this flaw, which can allow an attacker to crash the application or potentially execute code on the system...

Mozilla: Message ID calculation was based on uninitialized data

When deriving an identifier for an email message, uninitialized memory was used in addition to the message contents. This vulnerability affects Thunderbird 68.5...

ruby: Unintentional directory traversal by poisoned NULL byte in Dir

It was found that the methods from the Dir class did not properly handle strings containing the NULL byte. An attacker, able to inject NULL bytes in a path, could possibly trigger an unspecified behavior of the ruby script...

chromium-browser: Inappropriate implementation in Blink

Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass HTML validators via a crafted HTML page...

chromium-browser: Insufficient policy enforcement in Blink

Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass content security policy via a crafted HTML page...

chromium-browser: Inappropriate implementation in CORS

Inappropriate implementation in CORS in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

chromium-browser: Type Confusion in JavaScript

Type confusion in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

httpd: URL normalization inconsistency

A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes '/', directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing wi...

undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS

A vulnerability was found in the Undertow HTTP server listening on HTTPS. An attacker can target the HTTPS port to carry out a Denial Of Service DOS to make the service unavailable on SSL...

CVE-2015-1850

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not an exploitable issue. Notes: none...

chromium-browser: Incorrect security UI in interstitials

Incorrect security UI in interstitials in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page...

chromium-browser: Type Confusion in V8

Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

patch: do_ed_script in pch.c does not block strings beginning with a ! character

A flaw was found in GNU patch through version 2.7.6. Strings beginning with a exclamation mark are not blocked by default. When ed receives an exclamation mark-prefixed command line argument, the argument is executed as a shell command. The highest threat from this vulnerability is to data...

CVE-2014-1937

Gamera before 3.4.1 insecurely creates temporary files...

chromium-browser: File download protection bypass

Insufficient policy enforcement in downloads in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass download restrictions via a crafted HTML page...

chromium-browser: Out-of-bounds read in PDFium

Out of bounds memory access in PDFium in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file...

chromium-browser: Buffer overrun in Blink

Out of bounds memory access in the gamepad API in Google Chrome prior to 78.0.3904.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page...

mysql: C API unspecified vulnerability (CPU Jan 2021)

Vulnerability in the MySQL Client product of Oracle MySQL component: C API. Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise...

php: Buffer over-read in exif_read_data()

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exifreaddata function, in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information...