
7807 matches found

OSV
added 2019/06/04 2:29 p.m., 0 views

UBUNTU-CVE-2019-12730

aa_read_header in libavformat/aadec.c in FFmpeg before 3.2.14 and 4.x before 4.1.4 does not check for sscanf failure and consequently allows use of uninitialized variables...

CVSS 9.8, AI score 6.7, EPSS 0.03032
Exploits 0, References 5

CVE
added 2019/06/04 1:14 p.m., 229 views

CVE-2019-12730

CVE-2019-12730 affects FFmpeg: aa_read_header in libavformat/aadec.c may use uninitialized variables because sscanf failure isn’t checked. Affected releases are FFmpeg before 3.2.14 and 4.x before 4.1.4. This is fixed in FFmpeg 3.2.14 and 4.1.4 (per multiple advisories and official commits). Reme...

CVSS 9.8, AI score 9, EPSS 0.03032
Exploits 0, References 9, Affected Software 1

Cvelist
added 2019/06/04 1:14 p.m., 29 views

CVE-2019-12730

aa_read_header in libavformat/aadec.c in FFmpeg before 3.2.14 and 4.x before 4.1.4 does not check for sscanf failure and consequently allows use of uninitialized variables...

AI score 9.2, EPSS 0.03032
Exploits 0, References 9

Debian CVE
added 2019/06/04 1:14 p.m., 28 views

CVE-2019-12730

aa_read_header in libavformat/aadec.c in FFmpeg before 3.2.14 and 4.x before 4.1.4 does not check for sscanf failure and consequently allows use of uninitialized variables...

CVSS 9.8, AI score 9.6, EPSS 0.03032
Exploits 0

AlpineLinux
added 2019/06/04 1:14 p.m., 59 views

CVE-2019-12730

aa_read_header in libavformat/aadec.c in FFmpeg before 3.2.14 and 4.x before 4.1.4 does not check for sscanf failure and consequently allows use of uninitialized variables...

CVSS 9.8, AI score 9.3, EPSS 0.03032
Exploits 0

OSV
added 2019/05/22 9:29 p.m., 3 views

CVE-2019-6807

A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a possible denial of service when writing sensitive application variables to the controller over Modbus...

CVSS 7.5, AI score 7.1, EPSS 0.02236
Exploits 1, References 2

OSV
added 2019/05/22 3:29 p.m., 6 views

CVE-2019-12247

QEMU 3.0.0 has an Integer Overflow because the qga/commands.c files do not check the length of the argument list or the number of environment variables. NOTE: This has been disputed as not exploitable...

CVSS 7.5, AI score 7.5
Exploits 0, References 4

OSV
added 2019/05/22 3:29 p.m., 2 views

DEBIAN-CVE-2019-12247

QEMU 3.0.0 has an Integer Overflow because the qga/commands.c files do not check the length of the argument list or the number of environment variables. NOTE: This has been disputed as not exploitable...

CVSS 7.5, AI score 7, EPSS 0.02957
Exploits 0, References 1

Prion
added 2019/05/22 3:29 p.m., 22 views

Integer overflow

DISPUTED QEMU 3.0.0 has an Integer Overflow because the qga/commands.c files do not check the length of the argument list or the number of environment variables. NOTE: This has been disputed as not exploitable...

CVSS 5, AI score 7.4, EPSS 0.02957
Exploits 0, References 4, Affected Software 1

Cvelist
added 2019/05/22 2:22 p.m., 19 views

CVE-2019-12247

QEMU 3.0.0 has an Integer Overflow because the qga/commands.c files do not check the length of the argument list or the number of environment variables. NOTE: This has been disputed as not exploitable...

AI score 7.5, EPSS 0.02957
Exploits 0, References 4

Debian CVE
added 2019/05/22 2:22 p.m., 25 views

CVE-2019-12247

QEMU 3.0.0 has an Integer Overflow because the qga/commands.c files do not check the length of the argument list or the number of environment variables. NOTE: This has been disputed as not exploitable...

CVSS 7.5, AI score 7.6, EPSS 0.02957
Exploits 0

RedhatCVE
added 2019/05/22 11:22 a.m., 23 views

CVE-2019-12247

DISPUTED QEMU 3.0.0 has an Integer Overflow because the qga/commands.c files do not check the length of the argument list or the number of environment variables. NOTE: This has been disputed as not exploitable...

CVSS 7.5, AI score 4.2, EPSS 0.02957
Exploits 0, References 2

CNVD
added 2019/05/22 12:0 a.m., 3 views

QEMU integer overflow vulnerability (CNVD-2019-15553)

QEMU is a set of simulation processors written by Fabrice Bellard and distributed with source code under the GPL license, widely used on the GNU/Linux platform. An integer overflow vulnerability exists in QEMU 3.0.0. The vulnerability stems from the qga/commands.c file not checking the length of...

CVSS 7.5, AI score 7.4, EPSS 0.02957
Exploits 0, References 1

CNVD
added 2019/05/21 12:0 a.m., 1 views

Command execution vulnerability in dotenv

dotenv is a library that enables Node.js to load environment variables from files. A command execution vulnerability exists in dotenv. An attacker can exploit this vulnerability to execute system commands...

AI score 7.4
Exploits 0

0day.today
added 2019/05/20 12:0 a.m., 222 views

Solaris 7/8/9 (#SPARC) - (dtprintinfo) Local Privilege Escalation (1) Exploit

Exploit for solaris platform in category local exploits / raptordtprintnamesparc.c - dtprintinfo 0day, Solaris/SPARC Copyright c 2004-2019 Marco Ivaldi 0day buffer overflow in the dtprintinfo1 CDE Print Viewer, leading to local root. Many thanks to Dave Aitel for discovering this vulnerability an...

AI score 0.4
Exploits 0

Veracode
added 2019/05/17 6:52 a.m., 11 views

Malicious Module

donotinstallthis was a malicious module. A malicious script was executed as a part of installation, allowing it to hijack environment variables to track and send information on how many installations were done...

AI score 6.4
Exploits 0

Kitploit
added 2019/05/16 10:11 p.m., 185 views

Miteru - An Experimental Phishing Kit Detection Tool

Miteru is an experimental phishing kit detection tool. How it works: It collects phishy URLs from the following feeds: CertStream-Suspicious feed via urlscan.io, OpenPhish feed via urlscan.io, PhishTank feed via urlscan.io, Ayashige feed. It checks each phishy URL whether it enables directory listing...

AI score 7.6
Exploits 0, References 5

Prion
added 2019/05/15 5:29 p.m., 17 views

Race condition

A vulnerability in the Remote Package Manager (RPM) subsystem of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to leverage a time-of-check, time-of-use (TOCTOU) race condition to corrupt local variables, which could lead to arbitrary command injectio...

CVSS 6.9, AI score 6.7, EPSS 0.00357
Exploits 0, References 2, Affected Software 2

Tenable Nessus
added 2019/05/14 12:0 a.m., 149 views

EulerOS Virtualization 3.0.1.0 : bash (EulerOS-SA-2019-1418)

According to the versions of the bash package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - It was found that the fix for CVE-2014-6271 was incomplete, and Bash still allowed certain characters to be injected into other...

CVSS 10, AI score 8.6, EPSS 0.99999
Exploits 141, References 7

Tenable Nessus
added 2019/05/08 12:0 a.m., 18 views

Siemens SIPLUS IM153-2 BA02 Interface Module Detection

Binary data 750348.prm...

AI score 7.3
Exploits 0