6 matches found
USN-8205-1: GStreamer Bad Plugins vulnerabilities
It was discovered that multiple plugins in GStreamer contained arithmetic overflows. An attacker could possibly use this issue to cause applications using the plugins to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2023-37329, CVE-2023-40474, CVE-2023-40475,...
EUVD-2018-7800
Malware in sbrugna...
EUVD-2025-1585
Malicious code in bioql PyPI...
android-gif-drawable vulerable to denial of service due to unrestricted comment length
decoding.c in android-gif-drawable before 1.2.24 does not limit the maximum length of a comment, leading to denial of service...
PHP多个函数绕过safe_mode安全限制漏洞
BUGTRAQ ID: 35435 PHP是广泛使用的通用目的脚本语言,特别适合于Web开发,可嵌入到HTML中。 在安全模式下,PHP没有禁用exec、system、passthru和popen这四个函数,只是在 safemodeexecdir目录下执行。但当safemode=on且safemodeexecdir为空时(默认),PHP在处理这一过程中存在安全隐患,在windows下exec/system/passthru可以通过引入“\”来执行程序。 以exec函数为例分析源码: // exec.c PHPFUNCTIONexec...
solaris.2.5.su.expect.txt
Date: Thu, 10 Jun 1999 14:13:06 -0500 From: Dr. Mudge To: [email protected] Subject: Solaris 2.5 /bin/su was: vulnerability in su/PAM in redhat The same sort of problem existed in solaris /bin/su on 2.5 and below. The comments in the quick proof of concept sploit below should explain further h...