UBUNTU-CVE-2021-39598

An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function callcode located in code.c. It allows an attacker to cause Denial of Service...

Swftools 代码问题漏洞

SWFTools is a suite of open source software tools for creating and manipulating SWF files. a null pointer dereference vulnerability exists in the codeparse function in SWFTools code.c. An attacker could exploit this vulnerability to cause a denial of service...

MonoCMS Blog 1.0 - Arbitrary File Deletion (Authenticated)

Exploit Title: MonoCMS Blog 1.0 - Arbitrary File Deletion Authenticated Date: 2020-09-20 Exploit Author: Shahrukh Iqbal Mirza @shahrukhiqbal24 Vendor Homepage: https://monocms.com/download Software Link: https://monocms.com/download Version: 1.0 Tested On: Windows 10 XAMPP CVE: N/A Proof of...

Whatsapp 2.19.216 Remote Code Execution

Exploit Title: Whatsapp 2.19.216 - Remote Code Execution Date: 2019-10-16 Exploit Author: Valerio Brussani @valbrux Vendor Homepage: https://www.whatsapp.com/ Version: include include include typedef uint8t byte; char gadgetp; void libc, lib; //dls iteration for rop int dlcallbackstruct dlphdrinf...

CVE-2017-15652

Artifex Ghostscript 9.22 is affected by: Obtain Information. The impact is: obtain sensitive information. The component is: affected source code file, affected function, affected executable, affected libga imagemagick used that. The attack vector is: Someone must open a postscript file though...

Design/Logic Flaw

Artifex Ghostscript 9.22 is affected by: Obtain Information. The impact is: obtain sensitive information. The component is: affected source code file, affected function, affected executable, affected libga imagemagick used that. The attack vector is: Someone must open a postscript file though...

CVE-2017-15652

Artifex Ghostscript 9.22 is affected by: Obtain Information. The impact is: obtain sensitive information. The component is: affected source code file, affected function, affected executable, affected libga imagemagick used that. The attack vector is: Someone must open a postscript file though...

CVE-2018-16169

Cybozu Remote Service 3.0.0 to 3.1.0 allows remote authenticated attackers to upload and execute Java code file on the server via unspecified vectors...

Directory traversal

Directory traversal vulnerability in Cybozu Remote Service 3.0.0 to 3.1.8 allows remote attackers to execute Java code file on the server via unspecified vectors...

CVE-2018-16169

Cybozu Remote Service 3.0.0 to 3.1.0 allows remote authenticated attackers to upload and execute Java code file on the server via unspecified vectors...

Remote Code Execution (RCE)

libvncserver.so is vulnerable to remote code execution. The vulnerability is possible because of the flaw in the server code of the file transfer extension, leading to heap use-after-free...

Freeware Advanced Audio Coder Invalid Memory Address Dereference Vulnerability (CNVD-2019-05827)

Freeware Advanced Audio Coder FAAC is a software program that contains the AAC encoder FAAC and the decoder FAAD2. An invalid memory address dereference vulnerability exists in the huffcode function in libfaac/huff2.c in Freeware Advanced Audio Coder FAAC 1.29.9.2, which can be exploited by an...

DEBIAN-CVE-2018-11214

An issue was discovered in libjpeg 9a. The gettextrgbrow function in rdppm.c allows remote attackers to cause a denial of service Segmentation fault via a crafted file...

Visual Studio Security Extension: Puma Scan

Visual Studio Security Extension Puma Scan is the leading software security Visual Studio analyzer extension. Built on top of Roslyn, the open-source .NET Compiler Platform, Puma Scan provides real time, continuous source code analysis as development teams write code. Vulnerabilities are...

EasyTalk越权查看任意用户的消息

简要描述： EasyTalk越权查看任意用户的消息 详细说明： 出现问题的代码文件路径 : easytalk/Home/Lib/Action/ImAction.class.php 代码加载时，没要求登录 public function initialize parent::init; 出现问题的代码在这里 //获得历史聊天记录 public function getDayRecord $uid=intval$POST'userid'; $user=M'Users'-where"userid='$uid'"-find; if $user...

Ubuntu Update for txt2man USN-1979-1

Check for the Version of txt2man OpenVAS Vulnerability Test $Id: gbubuntuUSN19791.nasl 7958 2017-12-01 06:47:47Z santu $ Ubuntu Update for txt2man USN-1979-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software...

Cscope putstring Multiple Buffer Overflow vulnerability

This host has installed Cscope and is prone to Multiple Buffer Overflow vulnerability OpenVAS Vulnerability Test $Id: gbcscopeputstringmultbofvuln.nasl 4865 2016-12-28 16:16:43Z teissa $ Cscope putstring Multiple Buffer Overflow vulnerability. Authors: Antu Sanadi Copyright: Copyright c 2009...

Stack overflow

Multiple stack-based buffer overflows in the putstring function in find.c in Cscope before 15.6 allow user-assisted remote attackers to execute arbitrary code via a long 1 function name or 2 symbol in a source-code file...

CVE-2009-1577

Multiple stack-based buffer overflows in the putstring function in find.c in Cscope before 15.6 allow user-assisted remote attackers to execute arbitrary code via a long 1 function name or 2 symbol in a source-code file...

CVE-2009-1577

Multiple stack-based buffer overflows in the putstring function in find.c in Cscope before 15.6 allow user-assisted remote attackers to execute arbitrary code via a long 1 function name or 2 symbol in a source-code file...