87 matches found
CVE-2022-46878
Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run...
PT-2022-26662 · Autodesk · Autodesk Design Review
Name of the Vulnerable Software and Affected Versions: Autodesk DesignReview versions affected versions not specified Description: A maliciously crafted .dwf or .pct file consumed through the DesignReview.exe application could lead to a memory corruption issue due to a write access violation. Thi...
SUSE-SU-2022:2071-1 Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.36.3 bsc1200106 - CVE-2022-30293: Fixed heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer bsc1199287. - CVE-2022-26700: Fixed memory corruption issue that may lead to code execution when processi...
CVE-2020-28615
Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any o...
MGASA-2021-0427 Updated thunderbird packages fix security vulnerability
Mozilla developers Tyson Smith and Gabriele Svelto reported memory safety bugs present in Thunderbird ESR 78.13. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code CVE-2021-38493. The...
ASUS RT-AX86U suffers from a buffer overflow vulnerability
The RT-AX86U is a WiFi6 gaming router. The ASUS RT-AX86U suffers from a buffer overflow vulnerability that can be exploited by an attacker to trigger a memory corruption that could lead to code execution...
PT-2020-14809 · N Tron · N-Tron 702M12-W +1
Name of the Vulnerable Software and Affected Versions: N-Tron 702-W / 702M12-W all versions Description: The issue concerns reflected cross-site scripting, which could allow an attacker to execute arbitrary code and perform actions in the context of an attacked user. Recommendations: For all...
MGASA-2017-0410 Updated flash-player-plugin packages fixes security vulnerabilities
Adobe Flash Player 27.0.0.187 addresses critical vulnerabilities that could lead to code execution. The update fixes out-of-bounds reads CVE-2017-3112, CVE-2017-3114, CVE-2017-11213 and use-after-free issues CVE-2017-11215, CVE-2017-11225...
MGASA-2017-0317 Chromium-browser 60.0.3112.101 fixes security issues
Multiple flaws were found in the way Chromium 57 processes various types of web content, where loading a web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information. CVE-2017-5057, CVE-2017-5058, CVE-2017-5059, CVE-2017-5060,...
MGASA-2017-0268 Updated firefox packages fix security vulnerabilities
Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox CVE-2017-7779, CVE-2017-7798, CVE-2017-7800, CVE-2017-7801,...
SUSE-SU-2017:1575-1 Security update for netpbm
This update for netpbm fixes the following security issues: - CVE-2017-2581: An out-of-bounds write in writeRasterPbm could lead to memory corruption and potential code execution. bsc1024287...
SUSE-SU-2017:0470-1 Security update for xorg-x11-libXpm
This update for xorg-x11-libXpm fixes the following security issue: - A heap overflow in XPM handling could be used by attackers supplying XPM files to crash or potentially execute code. bsc1021315...
SUSE-SU-2016:1145-1 Security update for php53
This update for php53 fixes the following issues: - CVE-2015-8838: mysqlnd was vulnerable to BACKRONYM bnc973792. - CVE-2015-8835: SoapClient scall method suffered from a type confusion issue that could have lead to crashes bsc973351 - CVE-2016-2554: A NULL pointer dereference in phargetfpoffset...
MGASA-2015-0131 Updated firefox & thunderbird packages fix security vulnerabilities
Updated firefox and thunderbird packages fix security vulnerabilities: Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox or Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user...
Amazon Linux AMI : busybox (ALAS-2012-103)
A buffer underflow flaw was found in the way the uncompress utility of BusyBox expanded certain archive files compressed using Lempel-Ziv compression. If a user were tricked into expanding a specially crafted archive file with uncompress, it could cause BusyBox to crash or, potentially, execute...
Get Ready for Microsoft 13 updates for August Patch Tuesday
Get Ready for Microsoft 13 updates for August Patch Tuesday Microsoft has announced that it will release 13 bulletins to address 22 vulnerabilities in Windows, Office, Internet Explorer, .NET and Visual Studio on its next Patch Tuesday. Another "critical" bulletin affects Windows server operating...
CentOS Update for thunderbird CESA-2008:0209 centos4 x86_64
Check for the Version of thunderbird OpenVAS Vulnerability Test CentOS Update for thunderbird CESA-2008:0209 centos4 x8664 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
CVE-2006-3809
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows scripts with the UniversalBrowserRead privilege to gain UniversalXPConnect privileges and possibly execute code or obtain sensitive data by reading into a privileged context...
CVE-2005-0087
The alsa-lib package in Red Hat Linux 4 disables stack protection for the libasound.so library, which makes it easier for attackers to execute arbitrary code if there are other vulnerabilities in the library...
Trillian < 3.1.10.0 Multiple Vulnerabilities
Binary data 4515.prm...