235 matches found
CVE-2023-21112
In AnalyzeMfcResp of NxpMfcReader.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-...
Moodle 跨站请求伪造漏洞
Moodle is Moodle open source set of free e-learning software platform, also known as course management system, learning management system or virtual learning environment. Moodle suffers from a cross-site request forgery vulnerability that stems from the lack of an anti-cross-site request forgery...
Malicious code in transaction-analyze (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 de16c0c85e09c235c78e898320412a3a2ae473c2ae91e939862b5e99fcb5950b Package contains obfuscated code that exfiltrate basic data and awaits for commands from the remote server to execute them. This is a malicious copy of...
MAL-2025-3011 Malicious code in transaction-analyze (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 de16c0c85e09c235c78e898320412a3a2ae473c2ae91e939862b5e99fcb5950b Package contains obfuscated code that exfiltrate basic data and awaits for commands from the remote server to execute them. This is a malicious copy of...
Malicious code in webpacks-bundle-analyze (npm)
--- -= Per source details. Do not edit below this line.=-...
PT-2024-10674 · Google · Android
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a missing bounds check in the analyzeAxes function of FontUtils.cpp, which can lead to a possible out of bounds read. This could...
[SECURITY] Fedora 40 Update: xmedcon-0.24.0-1.fc40
This project stands for Medical Image Conversion and is released under the GNU's LGPL license. It bundles the C source code, a library, a flexible command-line utility and a graphical front-end based on the amazing Gtk+ toolkit. Its main purpose is image conversion while preserving valuable medic...
Malicious code in sap-analyze (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis dd016b8f72aa6c6e359d03969fb4b0f20682627dc46aab80d66bbdc007434dff The OpenSSF Package Analysis project identified 'sap-analyze' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...
Examining Water Sigbin's Infection Routine Leading to an XMRig Cryptominer
We analyze the multi-stage loading technique used by Water Sigbin to deliver the PureCrypter loader and XMRIG crypto miner...
Malicious code in analyze-me (PyPI)
--- -= Per source details. Do not edit below this line.=-...
ROPDump - A Command-Line Tool Designed To Analyze Binary Executables For Potential Return-Oriented Programming (ROP) Gadgets, Buffer Overflow Vulnerabilities, And Memory Leaks
ROPDump is a tool for analyzing binary executables to identify potential Return-Oriented Programming ROP gadgets, as well as detecting potential buffer overflow and memory leak vulnerabilities. Features Identifies potential ROP gadgets in binary executables. Detects potential buffer overflow...
[SECURITY] Fedora 40 Update: imagej-1.54i-1.fc40
ImageJ is a public domain Java image processing program. It can display, edit, analyze a wide variety of image data, including image sequences. Imagej can be used for quantitative analysis of engineering and scientific image data...
DEBIAN-CVE-2024-26540
A heap-based buffer overflow in Clmg before 3.3.3 can occur via a crafted file to cimglibrary::CImg::loadanalyze...
UBUNTU-CVE-2024-26540
A heap-based buffer overflow in Clmg before 3.3.3 can occur via a crafted file to cimglibrary::CImg::loadanalyze...
CVE-2024-26540
A heap-based buffer overflow in Clmg before 3.3.3 can occur via a crafted file to cimglibrary::CImg::loadanalyze...
Fedora: Security Advisory for imagej (FEDORA-2024-129d8ca6fc)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
IBM Security Verify Governance Command Execution Vulnerability
IBM Security Verify Governance is an intelligent identity access platform from International Business Machines IBM, Inc. provides organizations with a platform to analyze, define and control user access and access risk. IBM Security verify Governance suffers from a command execution vulnerability...
Siemens Tecnomatix Plant Simulation Out-of-Bounds Write Vulnerability (CNVD-2023-56537)
Siemens Tecnomatix Plant Simulation is an industrial control device from Siemens, Germany, that uses discrete-event simulation to analyze and optimize throughput and thereby improve manufacturing system performance. Siemens Tecnomatix Plant Simulation suffers from an out-of-bounds write...
Siemens Tecnomatix Plant Simulation Type Obfuscation Vulnerability
Siemens Tecnomatix Plant Simulation is an industrial control device from Siemens, Germany, that uses discrete-event simulation to analyze and optimize throughput and thereby improve manufacturing system performance. A type confusion vulnerability exists in Siemens Tecnomatix Plant Simulation, whi...
PT-2023-35726 · Git +1 · Flac
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-use-after-free error, which occurs when the program attempts to access memory that has already been freed. The crash state...