The vulnerability of the web page rendering modules in WebKitGTK and WPE WebKit, related to the execution of operations beyond the buffer boundaries in memory, allows attackers to execute arbitrary code.

The vulnerability of the Web page rendering modules in WebKitGTK and WPE WebKit relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted web page or file...

The vulnerability of the Jet Database Engine component of the Windows operating system, which allows a hacker to execute arbitrary code.

The vulnerability of the Jet Database Engine component of the Windows operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...

Vulnerabilities of Microsoft Office and Office 365 applications, Office Online Server web servers, and Microsoft Word text editor are caused by an operation that goes beyond buffer boundaries in memory, allowing attackers to execute arbitrary code.

The vulnerabilities of Microsoft Office and Office 365 packages, Office Online Server, and Microsoft Word occur due to the execution of an operation outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created file from a...

The vulnerability of the Jet Database Engine component of the Windows operating system, which allows a hacker to execute arbitrary code.

The vulnerability of the Jet Database Engine component of the Windows operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...

The vulnerability of the Jet Database Engine database management system in Windows operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the Jet Database Engine database management system for Windows operating systems relates to operations that go beyond the buffer in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

The vulnerability of the Jet Database Engine component of the Windows operating system, which allows a hacker to execute arbitrary code.

The vulnerability of the Jet Database Engine component of the Windows operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...

Microsoft Windows gdiplus Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Fedora 30 : cyrus-imapd (2019-309f559057)

Update to version 3.0.10, which fixes a security issue a buffer overrun vulnerability in the httpd daemon, CVE-2019-11356. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean...

FreeBSD : cyrus-imapd -- buffer overrun in httpd (10fd731c-8088-11e9-b6ae-001871ec5271)

Cyrus IMAP 3.0.10 Release Notes states : Fixed CVE-2019-11356: buffer overrun in httpd C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2020 Jacques Vidrine and contributors Redistribution and u...

EulerOS Virtualization 3.0.1.0 : curl (EulerOS-SA-2019-1549)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A NULL pointer dereference flaw was found in the way libcurl checks values returned by the openldap ldapgetattributeber function. A...

EulerOS Virtualization for ARM 64 3.0.1.0 : curl (EulerOS-SA-2019-1540)

According to the versions of the curl packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function...

CVE-2019-11036

Removed by vendor...

Debian DLA-1767-1 : monit security update

Zack Flack found several issues in monit, a utility for monitoring and managing daemons or similar programs. CVE-2019-11454 An XSS vulnerabilitty has been reported that could be prevented by HTML escaping the log file content when viewed via Monit GUI. CVE-2019-11455 A buffer overrun vulnerabilit...

Debian: Security Advisory (DLA-1767-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 1767-1] monit security update

Package : monit Version : 1:5.9-1+deb8u2 CVE ID : CVE-2019-11454 CVE-2019-11455 Zack Flack found several issues in monit, a utility for monitoring and managing daemons or similar programs. CVE-2019-11454 An XSS vulnerabilitty has been reported that could be prevented by HTML escaping the log file...

The vulnerability of the Just-In-Time (JIT) compiler of IonMonkey in web browsers Firefox, Firefox ESR, and the email processing program Thunderbird, related to data writing beyond buffer boundaries, allows an attacker to trigger a service failure.

The vulnerability of the Just-In-Time JIT compiler in IonMonkey web browsers—Firefox, Firefox ESR, and the email processing program Thunderbird—is related to data writing beyond buffer boundaries and memory corruption. Exploiting this vulnerability can allow an attacker to cause service...

curl: An integer overflow found in /lib/urlapi.c

Summary: libcurl contains a heap-based buffer overrun in /lib/urlapi.c. A similiar issue to CVE-2018-14618. Steps To Reproduce: analysis I found a potential integer overflow which may lead to a buffer overrun in /curl/lib/urlapi.c. In function seturl, urllen was multiplied by 2 and then passed to...

cyrus-imapd -- buffer overrun in httpd

Cyrus IMAP 3.0.10 Release Notes states: Fixed CVE-2019-11356: buffer overrun in httpd...

The vulnerability of the JavaScript script handler ChakraCore in the Microsoft Edge browser allows a hacker to execute arbitrary code.

The vulnerability of the ChakraCore JavaScript script handler in the Microsoft Edge browser is caused by an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created web page...

The vulnerability of the Windows operating system arises from an operation that goes beyond the buffer boundaries in memory, allowing a hacker to execute arbitrary code.

The vulnerability of the Windows operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code by connecting through the Windows Remote Registry Service...