1058 matches found
Code Injection in elwerene/libreoffice-convert
Description The libreoffice-convert module is vulnerable against RCE since a command is crafted using user inputs not validated and then executed, leading to arbitrary command injection POC 1. Create the following PoC file: js // poc.js const libre = require'libreoffice-convert'; libre.convert'',...
DEBIAN-CVE-2013-7488
perl-Convert-ASN1 aka the Convert::ASN1 module for Perl through 0.27 allows remote attackers to cause an infinite loop via unexpected input...
CVE-2013-7488
perl-Convert-ASN1 aka the Convert::ASN1 module for Perl through 0.27 allows remote attackers to cause an infinite loop via unexpected input...
CVE-2013-7488
perl-Convert-ASN1 aka the Convert::ASN1 module for Perl through 0.27 allows remote attackers to cause an infinite loop via unexpected input...
Input validation
perl-Convert-ASN1 aka the Convert::ASN1 module for Perl through 0.27 allows remote attackers to cause an infinite loop via unexpected input...
CVE-2013-7488
perl-Convert-ASN1 aka the Convert::ASN1 module for Perl through 0.27 allows remote attackers to cause an infinite loop via unexpected input...
CVE-2013-7488
perl-Convert-ASN1 aka the Convert::ASN1 module for Perl through 0.27 allows remote attackers to cause an infinite loop via unexpected input...
CVE-2013-7488
perl-Convert-ASN1 aka the Convert::ASN1 module for Perl through 0.27 allows remote attackers to cause an infinite loop via unexpected input...
CVE-2013-7488
CVE-2013-7488 affects perl-Convert-ASN1 (Convert::ASN1) through 0.27. Connected Nessus advisories from MiracleLinux, Alibaba Cloud Linux, TencentOS/TencentOS Server, Oracle Linux, Red Hat/CentOS/AlmaLinux, and Astra Linux reference that updates exist to fix this issue, citing “infinite loop via u...
PT-2024-14579 · Poco +1 · Poco +1
Name of the Vulnerable Software and Affected Versions: POCO versions prior to 1.11.8p2 POCO versions prior to 1.12.5p2 POCO versions prior to 1.13.0 Description: The issue is caused by an integer overflow and resultant stack buffer overflow in UTF32Encoding.cpp, specifically in the...
AdPlug Buffer Overflow Vulnerability (CNVD-2019-32335)
AdPlug is an AdLib sound player library written in C++. A buffer overflow vulnerability exists in the 'CxadbmfPlayer::bmfconvertstream' function of the bmf.cpp file in AdPlug version 2.3.1. The vulnerability stems from a networked system or product performing operations in memory without properly...
DEBIAN-CVE-2019-14690
AdPlug 2.3.1 has a heap-based buffer overflow in CxadbmfPlayer::bmfconvertstream in bmf.cpp...
UBUNTU-CVE-2019-14690
AdPlug 2.3.1 has a heap-based buffer overflow in CxadbmfPlayer::bmfconvertstream in bmf.cpp...
Cross-site Scripting (XSS)
grumpydictator/firefly-iii is vulnerable to cross-site scripting XSS. The attack is possible because it does not escape the user provided data in transaction description field and in asset account name, allowing an attacker to inject malicious script in a convert transaction to get executed upon ...
Cross site scripting
Firefly III 4.7.17.4 is vulnerable to multiple stored XSS issues due to the lack of filtration of user-supplied data in the transaction description field and the asset account name. The JavaScript code is executed during a convert transaction action...
DEBIAN-CVE-2019-14497
ModuleEditor::convertInstrument in tracker/ModuleEditor.cpp in MilkyTracker 1.02.00 has a heap-based buffer overflow...
UBUNTU-CVE-2019-14497
ModuleEditor::convertInstrument in tracker/ModuleEditor.cpp in MilkyTracker 1.02.00 has a heap-based buffer overflow...
WinMPG iPod Convert 3.0 - Register Denial of Service
WinMPG iPod Convert 3.0 - Register Denial of Service Exploit Title: WinMPG iPod Convert 3.0 - 'Register' Denial of Service Date: 2019-07-16 Vendor Homepage:http://www.winmpg.com Software Link: https://www.techspot.com/downloads/downloadnow/6192/?evp=d62142990e9320a4e811b283fdcc4060&file= Exploit...
WinMPG iPod Convert 3.0 - 'Register' Denial of Service
Exploit Title: WinMPG iPod Convert 3.0 - 'Register' Denial of Service Date: 2019-07-16 Vendor Homepage:http://www.winmpg.com Software Link: https://www.techspot.com/downloads/downloadnow/6192/?evp=d62142990e9320a4e811b283fdcc4060&file= Exploit Author: stresser Tested Version: 3.0 Tested on: Windo...
WinMPG iPod Convert 3.0 Denial of Service Exploit
Exploit Title: WinMPG iPod Convert 3.0 Denial of Service Exploit Date: 16.07.2019 Vendor Homepage:http://www.winmpg.com Software Link: https://www.techspot.com/downloads/downloadnow/6192/?evp=d62142990e9320a4e811b283fdcc4060&file= Exploit Author: Achilles Tested Version: 3.0 Tested on: Windows XP...