8204 matches found
Amazon Linux AMI : python34 (ALAS-2019-1202)
Python is affected by improper Handling of Unicode Encoding with an incorrect netloc during NFKC normalization. The impact is information disclosure credentials, cookies, etc. that are cached against a given hostname. The components are: urllib.parse.urlsplit, urllib.parse.urlparse. The attack...
Design/Logic Flaw
An issue was discovered in the Ascensia Contour NEXT ONE application for Android before 2019-01-15. It has a statically coded initialization vector. Extraction of the initialization vector is necessary for deciphering communications between this application and the backend server. This, in...
CVE-2018-18979
An issue was discovered in the Ascensia Contour NEXT ONE application for Android before 2019-01-15. It has a statically coded initialization vector. Extraction of the initialization vector is necessary for deciphering communications between this application and the backend server. This, in...
CVE-2018-18979
An issue was discovered in the Ascensia Contour NEXT ONE application for Android before 2019-01-15. It has a statically coded initialization vector. Extraction of the initialization vector is necessary for deciphering communications between this application and the backend server. This, in...
CVE-2018-18979
The CVE-2018-18979 entry documents a vulnerability in the Ascensia Contour NEXT ONE Android app (pre-2019-01-15) caused by a statically coded initialization vector in the app’s crypto. This enables extraction of the IV to decipher communications with the backend server. When combined with another...
Denial Of Service (DoS)
libtiff is vulnerable to heap-based buffer overflow vulnerability. Remote attackers can cause a denial of service out-of-bounds write or execute arbitrary code via a crafted TIFF image with zero tiles. loadImage function in tiffcrop.c. loadImage will read the numbers of tiles by calling...
Denial Of Service (DoS)
mysql is vulnerable to denial of service DoS attacks. An unspecified vulnerability allows an local users to affect availability via vectors related to PS causing the application to crash...
Denial Of Service
libwmf is a library for reading and converting Windows Metafile Format WMF vector graphics. libwmf is used by applications such as GIMP and ImageMagick. It was discovered that libwmf did not correctly process certain WMF Windows Metafiles with embedded BMP images. By tricking a victim into openin...
Information Disclosure
java is vulnerable to information disclosure. An unspecified vulnerability allows a remote attacker to affect confidentiality via vectors related to 2D...
Privilege Escalation
mysql is vulnerable to privilege escalation. An unspecified vulnerability allows remotely authenticated users to affect integrity and availability via vectors related to SRCHAR...
Spoofing Vulnerability
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2012-1970,...
Arbitrary Code Execution
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2012-1970,...
Privilege Escalation
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2012-1970,...
Arbitrary Code Execution
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2012-1970,...
Information Disclosure
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2012-1970,...
Denial Of Service (DoS)
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2012-1970,...
Arbitrary Code Execution
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2012-1970,...
Arbitrary Code Execution
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2012-1970,...
Memory Corruption
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2012-1970,...
Memory Corruption
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2012-1970,...