70 matches found
EUVD-2008-3508
Malware in sbrugna...
EUVD-2008-2659
Malware in sbrugna...
EUVD-2005-4863
Malware in sbrugna...
EUVD-2014-3024
Malware in sbrugna...
EUVD-2007-1880
Malware in sbrugna...
EUVD-2006-2314
Malware in sbrugna...
CVE-2025-49601
A flaw was found in mbedtls. The mbedtlslmsimportpublickey function fails to validate input buffer size before reading a 32-bit field, potentially leading to an out-of-bounds read when processing truncated input. This flaw allows a network-based attacker to trigger this condition by providing a...
CVE-2025-49601
In MbedTLS 3.3.0 before 3.6.4, mbedtlslmsimportpublickey does not check that the input buffer is at least 4 bytes before reading a 32-bit field, allowing a possible out-of-bounds read on truncated input. Specifically, an out-of-bounds read in mbedtlslmsimportpublickey allows context-dependent...
Linux Distros Unpatched Vulnerability : CVE-2013-4237
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sysdeps/posix/readdirr.c in the GNU C Library aka glibc or libc6 2.18 and earlier allows context- dependent attackers to cause a denial of service out-of-bounds...
Linux Distros Unpatched Vulnerability : CVE-2016-9480
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libdwarf 2016-10-21 allows context-dependent attackers to obtain sensitive information or cause a denial of service by using the malformed dwarf file approach,...
RHEL 5 : curl (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - curl: NTLM password overflow via integer overflow CVE-2018-14618 - cURL and libcurl 7.10.6 through 7.34.0...
SUSE CVE-2007-2748
The substrcount function in PHP 5.2.1 and earlier allows context-dependent attackers to obtain sensitive information via unspecified vectors, a different affected function than CVE-2007-1375...
SUSE CVE-2013-7323
python-gnupg before 0.3.5 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in unspecified vectors...
CVE-2019-6690
python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended. To perform the attack, the passphrase to gnupg must be controlled by the adversary and the ciphertext should be trusted. Related to a "CWE-20: Improper Input Validation" issue affecting...
PYSEC-2019-115
python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended. To perform the attack, the passphrase to gnupg must be controlled by the adversary and the ciphertext should be trusted. Related to a "CWE-20: Improper Input Validation" issue affecting...
Arbitrary Code Execution
java-1.7.1-ibm is vulnerable to arbitrary code execution attacks. The vulnerability exists as inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic...
Foxit PhantomPDF < 8.3.2 Multiple Vulnerabilities
According to its version, the Foxit PhantomPDF application formally known as Phantom installed on the remote Windows host is prior to 8.3.2. It is, therefore, affected by multiple vulnerabilities: - A flaw exists in the app.launchURL method allowing a context-dependent attacker to potentially...
AZL-44046 CVE-2016-9840 affecting package openjpeg2 2.3.1-12
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic...
ALPINE-CVE-2016-9841
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic...
AZL-44316 CVE-2016-9841 affecting package fltk for versions less than 1.3.8-1
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic...