112 matches found
CVE-2022-27385
An issue in the component Usedtablesandconstcache::usedtablesandconstcachejoin of MariaDB Server v10.7 and below was discovered to allow attackers to cause a Denial of Service DoS via specially crafted SQL statements...
CVE-2020-22061
SUPERAntispyware v8.0.0.1050 was discovered to contain an issue in the component saskutil64.sys. This issue allows attackers to arbitrarily write data to the device via IOCTL 0x9C402140...
CVE-2020-10643 OSIsoft PI System
An authenticated remote attacker could use specially crafted URLs to send a victim using PI Vision 2019 mobile to a vulnerable web page due to a known issue in a third-party component...
SUSE-SU-2019:0988-1 Security update for php72
This update for php72 fixes the following issues: - CVE-2019-9637: Due to the way rename across filesystems is implemented, it was possible that file being renamed is briefly available with wrong permissions while the rename is ongoing, thus enabling unauthorized users to access the data...
EUVD-2019-19007
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exifprocessIFDinMAKERNOTE because of mishandling the makernote-offset relationship to valuelen...
The vulnerability of the iOS operating system, which allows a hacker to trigger a service failure
The vulnerability of the Safari component in the iOS operating system exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures through a specially crafted URL...
The vulnerability of the Android operating system, which allows a hacker to gain access to data beyond their authorized levels of permission
The vulnerability of the AOSP Messaging component in the Android operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to gain access to data beyond their authorized levels of permission, using a specially crafted file...
SUSE-SU-2017:0411-1 Security update for mariadb
This mariadb version update to 10.0.29 fixes the following issues: - CVE-2017-3318: unspecified vulnerability affecting Error Handling bsc1020896 - CVE-2017-3317: unspecified vulnerability affecting Logging bsc1020894 - CVE-2017-3312: insecure error log file handling in mysqldsafe, incomplete...
The vulnerability of the Mac OS X operating system allows a perpetrator to trigger a service failure or obtain confidential information.
The vulnerability of the Audio component in the Mac OS X operating system is related to errors in calculating the size of audio data. Exploiting this vulnerability can allow a malicious actor to obtain confidential information or cause a service failure memory overflow by using a specially create...
SUSE-SU-2016:0822-1 Security update for tomcat
This update for tomcat fixes the following security issues. Tomcat has been updated from 7.0.55 to 7.0.68. CVE-2015-5174: Directory traversal vulnerability in RequestUtil.java in Apache Tomcat allowed remote authenticated users to bypass intended SecurityManager restrictions and list a parent...
ZH2003-9SA (security advisory): .netCart information disclusure
ZH2003-9SA security advisory: .netCart information disclusure Published: 16/07/2003 Released: 16/07/2003 Name: .netCart Affected Systems: All versions ? Issue: Remote attackers can obtain admin information including passwords Author: [email protected] Description Zone-h Security Team has...
Sudo 1.51.6 - Heap Corruption
Sudo 1.51.6 - Heap Corruption // source: https://www.securityfocus.com/bid/2829/info Sudo superuser do is a security utility that allows administrator to give 'restricted' superuser privileges to certain users. Sudo contains a locally exploitable buffer overrun vulnerability. The overrun conditio...