CVE-2021-27501
Philips Vue PACS versions 12.2.x.x and prior do not follow certain coding rules for development, which can lead to resultant weaknesses or increase the severity of the associated vulnerabilities...
CVE-2021-27501 Philips Vue PACS Improper Adherence to Coding Standards
Philips Vue PACS versions 12.2.x.x and prior do not follow certain coding rules for development, which can lead to resultant weaknesses or increase the severity of the associated vulnerabilities...
CVE-2021-27501
CVE-2021-27501 affects Philips Vue PACS and related Vue components (12.2.x.x and earlier). The issue is described as improper adherence to coding standards (CWE-710), which can heighten the severity of other vulnerabilities within the suite. The ICS-CISA advisory catalogs this CWE-710 alongside o...
New Dell BIOS Bugs Affect Millions of Inspiron, Vostro, XPS, Alienware Systems
Five new security weaknesses have been disclosed in Dell BIOS that, if successfully exploited, could lead to code execution on vulnerable systems, joining the likes of firmware vulnerabilities recently uncovered in Insyde Software's InsydeH2O and HP Unified Extensible Firmware Interface (UEFI)...
Using deprecated Chainlink function latestAnswer
Lines of code. Vulnerability details. Proof of Concept: According to Chainlink's documentation, the latestAnswer function is deprecated. This function does not error if no answer has been reached but returns 0. Besides, the latestAnswer is reported with 18 decimals for crypto quotes but 8 decimals f...
CVE-2022-24452
HEVC Video Extensions Remote Code Execution Vulnerability...
CVE-2022-23301
HEVC Video Extensions Remote Code Execution Vulnerability...
CVE-2022-24456
HEVC Video Extensions Remote Code Execution Vulnerability...
CVE-2022-22007
HEVC Video Extensions Remote Code Execution Vulnerability...
Free HermeticRansom Ransomware Decryptor Released
A free decryptor is out to unlock a ransomware found piggybacking on the HermeticWiper data wiper malware that ESET and Broadcom’s Symantec discovered targeting machines at financial, defense, aviation and IT services outfits in Ukraine, Lithuania and Latvia last week. The fact that there was...
openSUSE 15 Security Update : jasper (openSUSE-SU-2022:0562-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2022:0562-1 advisory. - A Divide-by-zero vulnerability exists in JasPer Image Coding Toolkit 2.0 in jasper/src/libjasper/jpc/jpcenc.c (CVE-2021-27845). Note that Nessus has...
Fedora: Security Advisory for php (FEDORA-2022-2e5e723298)
The remote host is missing an update for the...
CVE-2022-21927
HEVC Video Extensions Remote Code Execution Vulnerability...
CVE-2022-21926
HEVC Video Extensions Remote Code Execution Vulnerability...
GHSA-G6W6-R76C-28J7 Incorrect Authorization in NATS nats-server
This advisory is canonically Problem Description NATS nats-server through 2022-02-04 has Incorrect Access Control, with unchecked ability for clients to authorize into any account, because of a coding error in a long-extant experimental feature. A client crafting the initial protocol-level...
Incorrect Authorization in NATS nats-server
This advisory is canonically Problem Description NATS nats-server through 2022-02-04 has Incorrect Access Control, with unchecked ability for clients to authorize into any account, because of a coding error in a long-extant experimental feature. A client crafting the initial protocol-level...
android-gif-drawable vulnerable to denial of service due to unrestricted comment length
decoding.c in android-gif-drawable before 1.2.24 does not limit the maximum length of a comment, leading to denial of service...
What is fuzz testing? What is it used to test for?
Fuzz testing, regularly known as fuzzing, is a product testing procedure that incorporates embedding flawed or arbitrary information (FUZZ) into a product framework to recognize coding issues and security issues. Fuzz testing involves infusing information into a framework utilizing robotized or...