CVE-2022-29181

Nokogiri is an open source XML and HTML library for Ruby. Nokogiri prior to version 1.13.6 does not type-check all inputs into the XML and HTML4 SAX parsers, allowing specially crafted untrusted inputs to cause illegal memory access errors segfault or reads from unrelated memory. Version 1.13.6...

CVE-2022-29181 Improper Handling of Unexpected Data Type in Nokogiri

Nokogiri is an open source XML and HTML library for Ruby. Nokogiri prior to version 1.13.6 does not type-check all inputs into the XML and HTML4 SAX parsers, allowing specially crafted untrusted inputs to cause illegal memory access errors segfault or reads from unrelated memory. Version 1.13.6...

CVE-2022-29181 Improper Handling of Unexpected Data Type in Nokogiri

Nokogiri is an open source XML and HTML library for Ruby. Nokogiri prior to version 1.13.6 does not type-check all inputs into the XML and HTML4 SAX parsers, allowing specially crafted untrusted inputs to cause illegal memory access errors segfault or reads from unrelated memory. Version 1.13.6...

CVE-2022-29181

Nokogiri is an open source XML and HTML library for Ruby. Nokogiri prior to version 1.13.6 does not type-check all inputs into the XML and HTML4 SAX parsers, allowing specially crafted untrusted inputs to cause illegal memory access errors segfault or reads from unrelated memory. Version 1.13.6...

python-pillow: buffer over-read during initialization of ImagePath.Path in path_getbbox() in path.c

A flaw was found in python-pillow. The vulnerability occurs due to improper initialization of image paths, leading to a buffer over-read and improper initialization. This flaw allows an attacker to unauthorized memory access that causes memory access errors, incorrect results, or crashes...

SUSE: Security Advisory (SUSE-SU-2016:0049-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-26930

An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driver maps grant references provided by the frontend. In this process, errors may be encountered. In one case, an error encountered earlier might be discarded by later...

Input validation

There is a improper input validation vulnerability in some Huawei Smartphone.Successful exploit of this vulnerability can cause memory access errors and denial of service...

CVE-2020-9139

CVE-2020-9139 affects Huawei smartphones via an improper input validation vulnerability in the device’s input handling. The root cause is input validation failure, allowing memory access errors and a denial-of-service condition. The available documents consistently describe impact as memory corru...

CVE-2020-9139

There is a improper input validation vulnerability in some Huawei Smartphone.Successful exploit of this vulnerability can cause memory access errors and denial of service...

Denial of Service Vulnerability in Mitsubishi Electric Corporation GX Works2

GX Work2 is a PLC programming software developed by Mitsubishi Electric Automation Co., Ltd. for PLC design, debugging, maintenance and other work, which is widely used in electric power, machinery manufacturing, iron and steel, petroleum, chemical and other industrial control fields. A denial of...

Denial of Service Vulnerability in GX Works2 (CNVD-2020-32342)

GX Works2 is a PLC programming software. A denial of service vulnerability exists in GX Works2. An attacker could cause a denial of service by sending constructed malicious packets that cause it to experience an illegal memory access resulting in a denial of service, or could potentially execute...

Provisioning Services 7.X: Target Devices Fail To Boot With Error "No servers available for disk"

When we start the Target Device, we notice the following error on the device during boot process. "No servers available for disk" We also notice Database Access errors for certain functions on the Event Viewer of PVS Server...

Denial of Service Vulnerability in MXProgrammer Software

MXProgrammer software is a windows desktop software of Weihai Mack Electric Technology Co., Ltd. which is used to communicate with its MX series PLC products and complete the functions of program writing and downloading. A denial of service vulnerability exists in the MXProgrammer software. The...

SUSE-SU-2016:0624-1 Security update for openssl

This update for openssl fixes various security issues and bugs: Security issues fixed: - CVE-2016-0800 aka the 'DROWN' attack bsc968046: OpenSSL was vulnerable to a cross-protocol attack that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a...

GnuPG 1.4.12 and lower - memory access errors and keyring database corruption

Versions of GnuPG = 1.4.12 are vulnerable to memory access violations and public keyring database corruption when importing public keys that have been manipulated. An OpenPGP key can be fuzzed in such a way that gpg segfaults or has other memory access violations when importing the key. The key m...

[SECURITY] [DSA 562-1] New mysql packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 562-1 [email protected] http://www.debian.org/security/ Martin Schulze October 11th, 2004 http://www.debian.org/security/faq -...

GOBBLES CGI MARATHON #003

PRODUCT AdStreamer http://www.sha-la-la.com/adstreamer/ DESCRIPTION This software have many an open call that can exploited with Perl tricks like ../, 00, |, etc. bash-2.05$ egrep 'open|system|exec|eval' .cgi addbanner.cgi: This script is apart of the Banner Manager system. It will add banners...