Vulnerability fixed in ImageMagick

A malicious party could potentially exploit the vulnerability to execute arbitrary code under a user's privileges, when using the "convert" program to convert a specially prepared file to convert it to a PDF file. ImageMagick has released updates to fix the vulnerability. fix. For more informatio...

[SECURITY] Fedora 33 Update: perl-Convert-ASN1-0.27-21.fc33

Convert::ASN1 encodes and decodes ASN.1 data structures using BER/DER rules...

Prototype Pollution in ionicabizau/obj-unflatten

Description obj-unflatten convert flatten objects in nested ones. This package is vulnerable to Prototype Pollution. Proof of Concept 1. Create the following PoC file: javascript // poc.js const unflatten = require'obj-unflatten' console.log'Before: ' + .polluted unflatten'proto.polluted':...

Fedora: Security Advisory for perl-Convert-ASN1 (FEDORA-2020-d8bc3a9874)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 32 Update: perl-Convert-ASN1-0.27-19.fc32

Convert::ASN1 encodes and decodes ASN.1 data structures using BER/DER rules...

Fedora 32 : perl-Convert-ASN1 (2020-d8bc3a9874)

Security fix for CVE-2013-7488 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network...

Low: Red Hat Security Advisory: Red Hat Virtualization security, bug fix, and enhancement update

An update is now available for Red Hat Virtualization Engine 4.4. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link...

Boxoft Convert Master 1.3.0 - (wav) SEH Local Exploit

Exploit Title: Boxoft Convert Master 1.3.0 - 'wav' SEH Local Exploit Vendor Homepage: http://www.boxoft.com/ Software Link: http://www.boxoft.com/convert-master/setupboxoft-conver=t-master.exe Exploit Author: Achilles Tested Version: 1.3.0 Tested on: Windows 7 x64 1.- Run python code...

Boxoft Convert Master 1.3.0 - 'wav' SEH Local Exploit

Exploit Title: Boxoft Convert Master 1.3.0 - 'wav' SEH Local Exploit Date: 17.09.2020 Vendor Homepage: http://www.boxoft.com/ Software Link: http://www.boxoft.com/convert-master/setupboxoft-conver=t-master.exe Exploit Author: Achilles Tested Version: 1.3.0 Tested on: Windows 7 x64 1.- Run python...

Boxoft Convert Master 1.3.0 Local Buffer Overflow

Exploit Title: Boxoft Convert Master 1.3.0 - 'wav' SEH Local Exploit Date: 17.09.2020 Vendor Homepage: http://www.boxoft.com/ Software Link: http://www.boxoft.com/convert-master/setupboxoft-conver=t-master.exe Exploit Author: Achilles Tested Version: 1.3.0 Tested on: Windows 7 x64 1.- Run python...

Boxoft Convert Master 1.3.0 wav SEH Local Exploit

Exploit Title: Boxoft Convert Master 1.3.0 wav SEH Local Exploit Date: 17.09.2020 Vendor Homepage: http://www.boxoft.com/ Software Link: http://www.boxoft.com/convert-master/setupboxoft-convert-master.exe Exploit Author: Achilles Tested Version: 1.3.0 Tested on: Windows 7 x64 1.- Run python code...

convertfiles.com Cross Site Scripting vulnerability OBB-1258809

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

FFmpeg: Multiple vulnerabilities

Background FFmpeg is a complete, cross-platform solution to record, convert and stream audio and video. Description Multiple vulnerabilities have been discovered in FFmpeg. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for...

Security Bulletin: OpenStack vulnerabilities affect IBM SmartCloud Entry(CVE-2015-7548, CVE-2015-8749 CVE-2015-1850)

Summary IBM SmartClound Entry is vulnerable to several Openstack Nova vulerabilities, which could allow a local authenticated attacker or a remote attacker to obtain sensitive information Vulnerability Details CVEID: CVE-2015-8749 DESCRIPTION: OpenStack Nova could allow a remote attacker to obtai...

OSV-2020-548 Heap-buffer-overflow in acommon::DecodeDirect<unsigned short>::decode

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16531 Crash type: Heap-buffer-overflow READ 2 Crash state: acommon::DecodeDirect::decode acommon::Convert::convert aspellspellersuggest...

pmdk-convert bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

pmdk-convert bug fix and enhancement update

An update is available for pmdk-convert. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

ALEA-2020:1618 pmdk-convert bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

perl-Convert-ASN1 and perl-LDAP bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

ALEA-2020:1575 perl-Convert-ASN1 and perl-LDAP bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...