MGASA-2017-0074 Updated flac packages fix security vulnerability
FLAC 1.3.2 fixes a NULL pointer dereference bug and adds bounds checking in the encoder. It also fixes various non security-relevant issues...
Pharos PopUp Printer Client Heap Buffer Overflow Vulnerability (CNVD-2017-02628)
Pharos PopUp Printer Client is a suite of printer client software from Pharos Systems International. A heap buffer overflow vulnerability exists in Pharos PopUp Printer Client version 9.0, which arises when the program fails to adequately perform bounds checking on user-submitted data,...
Sql injection
IBM Tivoli Storage Manager IBM Spectrum Protect 6.1, 6.2, 6.3, and 7.1 does not perform sufficient authority checking on SQL queries. As a result, an attacker is able to submit SQL queries that access database tables that are not intended for access or use by administrators. The access of these...
CVE-2016-7138
Cross-site scripting (XSS) vulnerability in the URL checking infrastructure in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the URL checking infrastructure in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...
PYSEC-2017-61
Cross-site scripting (XSS) vulnerability in the URL checking infrastructure in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...
CVE-2016-7138
CVE-2016-7138 is a cross-site scripting (XSS) vulnerability in Plone CMS’s URL checking infrastructure. It affects Plone 5.x up to 5.0.6, 4.x up to 4.3.11, and 3.3.x up to 3.3.6. The issue allows remote attackers to inject arbitrary web script or HTML via a crafted URL. The Connected documents confi...
Western Digital My Cloud Buffer Overflow
Stack-based buffer overflow in Western Digital My Cloud allows for remote code execution. Remco Vermeulen, January 2017...
CVE-2016-8387
An exploitable heap-based buffer overflow exists in Iceni Argus. When it attempts to convert a malformed PDF with an object encoded w/ multiple encoding types terminating with an LZW encoded type, an overflow may occur due to a lack of bounds checking by the LZW decoder. This can lead to code...
Heap overflow
An exploitable heap-based buffer overflow exists in Iceni Argus. When it attempts to convert a malformed PDF with an object encoded w/ multiple encoding types terminating with an LZW encoded type, an overflow may occur due to a lack of bounds checking by the LZW decoder. This can lead to code...
MuPDF 'jstest_main.c' Stack Buffer Overflow Vulnerability
Artifex Software MuPDF is a free, lightweight PDF reader from Artifex Software, USA. A stack buffer overflow vulnerability exists in MuPDF 'jstest_main.c', which originates from a failure to perform sufficient bounds checking before copying user data into an undersized buffer. An attacker could us...
shopify-scripts: Controlled address leak due to type confusion - ASLR bypass
There are several different places in which arguments are treated as fixnums without a prior check for their type. Since mrb_value is a union that holds all value types, it can cause a mixup between an object pointer and an integer value: `typedef struct mrb_value { union { mrb_float f; void *p;` mrbin...
CVE-2017-5009
WebRTC in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to perform proper bounds checking, which allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Design/Logic Flaw
WebRTC in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to perform proper bounds checking, which allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2017-5024
FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to perform proper bounds checking, which allowed a remote attacker to potentially exploit heap corruption via a crafted video file...
Design/Logic Flaw
FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to perform proper bounds checking, which allowed a remote attacker to potentially exploit heap corruption via a crafted video file...