Design/Logic Flaw

Insecure permissions in the install directories and binaries of Dev-CPP v4.9.9.2 allows attackers to execute arbitrary code via overwriting the binary devcpp.exe...

ManageEngine PAM360 Detection

Binary data manageenginepam360detect.nbin...

ManageEngine PAM360 REST API Restriction Bypass (CVE-2022-29081)

Binary data manageenginepam360cve-2022-29081.nbin...

Use of Uninitialized Function Pointer

Description When providing a crafted input binary to radare2, the context-readaddr function pointer is never initialized before use. This is due to the switch statement responsible for the assignment not finding a matching value for its switch cases. Calling function c static bool...

CVE-2019-9589

There is a NULL pointer dereference vulnerability in PSOutputDev::setupResources located in PSOutputDev.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to for example the pdftops binary. It allows an attacker to cause Denial of Service Segmentation fault or possibly have...

CVE-2022-24290

A vulnerability has been identified in Teamcenter V12.4 All versions V12.4.0.13, Teamcenter V13.0 All versions V13.0.0.9, Teamcenter V13.1 All versions, Teamcenter V13.2 All versions V13.2.0.8, Teamcenter V13.3 All versions V13.3.0.3, Teamcenter V14.0 All versions V14.0.0.2. The tcserver.exe bina...

Stack overflow

A vulnerability has been identified in Teamcenter V12.4 All versions V12.4.0.13, Teamcenter V13.0 All versions V13.0.0.9, Teamcenter V13.1 All versions, Teamcenter V13.2 All versions V13.2.0.8, Teamcenter V13.3 All versions V13.3.0.3, Teamcenter V14.0 All versions V14.0.0.2. The tcserver.exe bina...

Apple iOS < 15.5 Multiple Vulnerabilities (HT213258)

Binary data appleios155check.nbin...

protobuf-java: potential DoS in the parsing procedure for binary data

A flaw was found in protobuf-java. Google Protocol Buffer protobuf-java allows the interleaving of com.google.protobuf.UnknownFieldSet fields. By persuading a victim to open specially-crafted content, a remote attacker could cause a timeout in the ProtobufFuzzer function, resulting in a denial of...

The vulnerability of the pre-processing processor Simcenter Femap, caused by overflow in the stack-based buffers, allows a hacker to execute arbitrary code.

The vulnerability of the pre-processing processor Simcenter Femap arises due to overflow in the stack-based buffer. Exploiting this vulnerability allows a remote attacker to execute arbitrary code during the analysis of specially created BDF files...

GHSA-8823-XPHR-QW9V Gentoo Portage does not verify X.509 certificates from SSL servers

The urlopen function in pym/portage/util/urlopen.py in Gentoo Portage 2.1.12, when using HTTPS, does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and modify binary package lists via a crafted certificate...

Gentoo Portage does not verify X.509 certificates from SSL servers

The urlopen function in pym/portage/util/urlopen.py in Gentoo Portage 2.1.12, when using HTTPS, does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and modify binary package lists via a crafted certificate...

openSUSE: Security Advisory for jackson-databind, (SUSE-SU-2022:1678-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE: Security Advisory (SUSE-SU-2022:1678-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15: jackson-annotations / jackson-annotations-javadoc / jackson-bom / etc (SUSE-SU-2022:1678-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1678-1 advisory. Security issues fixed: - CVE-2020-36518: Fixed a Java stack overflow exception and denial of...

CVE-2022-30775

xpdf 4.04 allocates excessive memory when presented with crafted input. This can be triggered by for example sending a crafted PDF document to the pdftoppm binary. It is most easily reproduced with the DCMAKECXXCOMPILER=afl-clang-fast++ option...

Checkbox Survey Web Detection

Binary data checkboxsurveywebapidetect.nbin...

PT-2022-20309 · Xpdf +1 · Xpdf +1

Name of the Vulnerable Software and Affected Versions: xpdf version 4.04 Description: The issue arises when xpdf allocates excessive memory in response to crafted input. This can be triggered by sending a crafted PDF document to the pdftoppm binary. It is most easily reproduced with the DCMAKE CX...

CVE-2020-16845

A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The...

GHSA-GVGC-RXMH-5HVW Apache Tomcat affected by infinite loop in Double.parseDouble method in Java Runtime Environment

The Double.parseDouble method in Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.229 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a...