CVE-2019-18835

Matrix Synapse before 1.5.0 mishandles signature checking on some federation APIs. Events sent over /sendjoin, /sendleave, and /invite may not be correctly signed, or may not come from the expected servers...

CVE-2019-18835

Matrix Synapse before 1.5.0 mishandles signature checking on some federation APIs. Events sent over /sendjoin, /sendleave, and /invite may not be correctly signed, or may not come from the expected servers...

For libssh2 integer overflow vulnerability (CVE-2019-17498)analysis-vulnerability warning-the black bar safety net

0x01 vulnerability mining In 2019 3 December 18, Canonical Ltd. Chris Coulson discloses libssh2 nine of vulnerability, CVE-2019-3855 to CVE-2019-3863-in. These vulnerabilities have been in the libssh2 v1. 8. 1 repair. At the time, my colleague Pavel Avgustinov note that fix vulnerabilities report...

CVE-2019-10496

Lack of checking a variable received from driver and populating in Firmware data structure leads to buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearable...

Buffer overflow

Lack of checking a variable received from driver and populating in Firmware data structure leads to buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearable...

CVE-2019-1789

ClamAV versions prior to 0.101.2 are susceptible to a denial of service DoS vulnerability. An out-of-bounds heap read condition may occur when scanning PE files. An example is Windows EXE and DLL files that have been packed using Aspack as a result of inadequate bound-checking...

CVE-2019-1789

ClamAV versions prior to 0.101.2 are susceptible to a denial of service DoS vulnerability. An out-of-bounds heap read condition may occur when scanning PE files. An example is Windows EXE and DLL files that have been packed using Aspack as a result of inadequate bound-checking...

DEBIAN-CVE-2011-0428

Cross Site Scripting XSS in ikiwiki before 3.20110122 could allow remote attackers to insert arbitrary JavaScript due to insufficient checking in comments...

CVE-2011-0428

Cross Site Scripting XSS in ikiwiki before 3.20110122 could allow remote attackers to insert arbitrary JavaScript due to insufficient checking in comments...

CVE-2011-0428

Cross Site Scripting XSS in ikiwiki before 3.20110122 could allow remote attackers to insert arbitrary JavaScript due to insufficient checking in comments...

Unspecified Vulnerability in CloudBees Jenkins Global Post Script Plugin

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Global Post Script Plugin is used in which a...

CVE-2017-5731

Bounds checking in Tianocompress before November 7, 2017 may allow an authenticated user to potentially enable an escalation of privilege via local access...

CVE-2017-5731

Bounds checking in Tianocompress before November 7, 2017 may allow an authenticated user to potentially enable an escalation of privilege via local access...

CVE-2017-5731

Bounds checking in Tianocompress before November 7, 2017 may allow an authenticated user to potentially enable an escalation of privilege via local access...

Design/Logic Flaw

Bounds checking in Tianocompress before November 7, 2017 may allow an authenticated user to potentially enable an escalation of privilege via local access...

CVE-2017-5731

Bounds checking in Tianocompress before November 7, 2017 may allow an authenticated user to potentially enable an escalation of privilege via local access...

CVE-2017-5731

CVE-2017-5731 is referenced across multiple advisories in connected documents, notably in EDK II/TianoCompress code where bounds checking in Tianocompress before 2017-11-07 could allow an authenticated local attacker to escalate privileges. The Ubuntu USN-6920-1 entry explicitly lists CVE-2017-57...

USN-4162-2: Linux kernel (Azure) vulnerabilities

USN-4162-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux kernel for Microsoft Azure Cloud systems for Ubuntu 14.04 ESM. It was discovered that the RSI 91x Wi-Fi driver in the Linux kernel did not did not handle detach...

Unspecified Vulnerability in CloudBees Jenkins CRX Content Package Deployer Plugin (CNVD-2019-42835)

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing project and some timed tasks . CRX Content Package Deployer Plugin is used in...

CVE-2019-4523

IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges. IBM X-Force ID: 165481...