CVE-2023-0796

LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3592, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e...

CVE-2022-3626

LibTIFF 4.4.0 has an out-of-bounds write in TIFFmemset in libtiff/tifunix.c:340 when called from processCropSelections, tools/tiffcrop.c:7619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit...

CVE-2022-28805

singlevar in lparser.c in Lua from including 5.4.0 up to excluding 5.4.4 lacks a certain luaKexp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code...

Input validation

Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege...

Exploit for Double Free in Whatsapp

CVE-2019-11932 Modifiez l'adresse d'écoute celle de l'attaqu...

[SECURITY] Fedora 28 Update: distcc-3.2rc1-22.fc28

distcc is a program to distribute compilation of C or C++ code across several machines on a network. distcc should always generate the same results as a local compile, is simple to install and use, and is often two or more times faster than a local compile...

WebKit JSC - JIT Optimization Check Failed in IntegerCheckCombiningPhase::handleBlock

WebKit JSC - JIT Optimization Check Failed in IntegerCheckCombiningPhase::handleBlock range.mmaxBound range.mmaxBound = data.maddend; range.mmaxOrigin = node-origin.semantic; else if data.maddend origin.semantic; ... The problem is that the check |data.maddend range.mmaxBound| is a signed...

focused Web Crawler: ACHE

ACHE is a focused Web crawler that can be customized to search for pages the belong to a given topic or have a given property. To configure ACHE, you need to: define a topic of interest e.g., Ebola, terrorism, cooking recipes; create a model to detect Web pages that belong to this topic; and...

pcre -- multiple vulnerabilities

PCRE development team reports: A pattern such as "?20,1999?", which has a group containing a forward reference repeated a large but limited number of times within a repeated outer group that has a zero minimum quantifier, caused incorrect code to be compiled, leading to the error "internal error:...

Microsoft .Net JIT memory corruption

Memory corruption during SMIL code compilation on 64 bit architecture...

Fedora Update for gcc FEDORA-2010-10640

Check for the Version of gcc OpenVAS Vulnerability Test Fedora Update for gcc FEDORA-2010-10640 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

Borland C BCB6 compiler / tiny c compiler Invalid sizeof() calculation

Invalid sizeof calculation for integer during 64-bit code compilation leads to different problems...

MySQL 3.23.x/4.0.x - Remote Buffer Overflow

/ Mysql 3.23.x/4.0.x remote exploit proof of concept using jmp eax bkbll bkbll cnhonker.net,bkbll tom.com 2003/09/12 compile:gcc -o mysql mysql.c -L/usr/lib/mysql -lmysqlclient DO NOT DISTRUBITED IT / include include include include include include include include include define PAD 1942 define...

Allaire JRun 2.3 - Arbitrary Code Execution

Allaire JRun 2.3 - Arbitrary Code Execution source: https://www.securityfocus.com/bid/1831/info Jrun contains a vulnerability that allows a user to compile and execute JSP code from an arbitrary file on the webserver's filesystem. This bug is due to the way JSP execution is invoked -- if a...