11 matches found
CVE-2025-27817
A possible arbitrary file read and SSRF vulnerability has been identified in Apache Kafka Client. Apache Kafka Clients accept configuration data for setting the SASL/OAUTHBEARER connection with the brokers, including "sasl.oauthbearer.token.endpoint.url" and "sasl.oauthbearer.jwks.endpoint.url"...
SUSE CVE-2005-3089
Firefox 1.0.6 allows attackers to cause a denial of service crash via a Proxy Auto-Config PAC script that uses an eval statement. NOTE: it is not clear whether an untrusted party has any role in triggering this issue, so it might not be a vulnerability...
Arbitrary Code Execution
php-imagick is vulnerable to arbitrary code execution. Lack of boundary checks when writing to an array of values in ImagickKernel::fromMatrix can potentially lead to out of bounds write to memory if the function is called with the data controlled by untrusted party...
CVE-2019-11037
In PHP imagick extension in versions between 3.3.0 and 3.4.4, writing to an array of values in ImagickKernel::fromMatrix function did not check that the address will be within the allocated array. This could lead to out of bounds write to memory if the function is called with the data controlled ...
CVE-2019-11037
In PHP imagick extension in versions between 3.3.0 and 3.4.4, writing to an array of values in ImagickKernel::fromMatrix function did not check that the address will be within the allocated array. This could lead to out of bounds write to memory if the function is called with the data controlled ...
CVE-2019-11037
In PHP imagick extension in versions between 3.3.0 and 3.4.4, writing to an array of values in ImagickKernel::fromMatrix function did not check that the address will be within the allocated array. This could lead to out of bounds write to memory if the function is called with the data controlled ...
CVE-2019-11037 Out of bounds memory write in PHP Imagick extension
In PHP imagick extension in versions between 3.3.0 and 3.4.4, writing to an array of values in ImagickKernel::fromMatrix function did not check that the address will be within the allocated array. This could lead to out of bounds write to memory if the function is called with the data controlled ...
CVE-2018-13410
DISPUTED Info-ZIP Zip 3.0, when the -T and -TT command-line options are used, allows attackers to cause a denial of service invalid free and application crash or possibly have unspecified other impact because of an off-by-one error. NOTE: it is unclear whether there are realistic scenarios in whi...
CVE-2018-13410
Info-ZIP Zip 3.0, when the -T and -TT command-line options are used, allows attackers to cause a denial of service invalid free and application crash or possibly have unspecified other impact because of an off-by-one error. NOTE: it is unclear whether there are realistic scenarios in which an...
DigiNotar fraudulent certificates
Well known domain names certificates were issued to untrusted party...
security flaw
Firefox 1.0.6 allows attackers to cause a denial of service crash via a Proxy Auto-Config PAC script that uses an eval statement. NOTE: it is not clear whether an untrusted party has any role in triggering this issue, so it might not be a vulnerability...