31 matches found
CVE-2026-27824
calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, the calibre Content Server's brute-force protection mechanism uses a ban key derived from both remoteaddr and the X-Forwarded-For header. Since the X-Forwarded-For header i...
CVE-2026-27810
calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, an HTTP Response Header Injection vulnerability in the calibre Content Server allows any authenticated user to inject arbitrary HTTP headers into server responses via an...
GHSA-VH3X-525M-JP4R heap-buffer-overflow in MicroPython
A vulnerability was found in MicroPython 1.23.0. It has been rated as critical. Affected by this issue is the function mpzasbytes of the file py/objint.c. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and ma...
[SECURITY] Fedora 40 Update: rust-uu_expand-0.0.23-3.fc40
expand uutils convert input tabs to spaces...
CVE-2021-46940
In the Linux kernel, the following vulnerability has been resolved: tools/power turbostat: Fix offset overflow issue in index converting The idxtooffset function returns type int 32-bit signed, but MSRPKGENERGYSTAT is u32 and would be interpreted as a negative number. The end result is that it hi...
Design/Logic Flaw
In the Linux kernel, the following vulnerability has been resolved: tools/power turbostat: Fix offset overflow issue in index converting The idxtooffset function returns type int 32-bit signed, but MSRPKGENERGYSTAT is u32 and would be interpreted as a negative number. The end result is that it hi...
CVE-2021-46940
In the Linux kernel, the following vulnerability has been resolved: tools/power turbostat: Fix offset overflow issue in index converting The idxtooffset function returns type int 32-bit signed, but MSRPKGENERGYSTAT is u32 and would be interpreted as a negative number. The end result is that it hi...
CVE-2021-46940 tools/power turbostat: Fix offset overflow issue in index converting
In the Linux kernel, the following vulnerability has been resolved: tools/power turbostat: Fix offset overflow issue in index converting The idxtooffset function returns type int 32-bit signed, but MSRPKGENERGYSTAT is u32 and would be interpreted as a negative number. The end result is that it hi...
[SECURITY] Fedora 38 Update: libxls-1.6.2-14.fc38
This is libxls, a C library for reading Excel files in the old binary OLE format, plus a command-line tool for converting XLS to CSV named, appropriately enough, libxls2csv...
baeumer-converting-machines.de Cross Site Scripting vulnerability OBB-3289813
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
FFmpeg vorbis_header() function denial of service vulnerability
FFmpeg is a complete solution for recording, converting and streaming audio and video from the Ffmpeg team. A denial of service vulnerability exists in the FFmpeg vorbisheader function, which can be exploited by an attacker to cause a denial of service attack...
python-psutil: Double free because of refcount mishandling
A double free issue has been discovered in python-psutil because of the mishandling of refcounts while converting system data into Python objects in functions like psutildiskpartitions, psutilusers, psutilnetifaddrs, and others. In particular cases, a local attacker may be able to get code...
Oracle Outside In Technology Denial of Service Vulnerability (CNVD-2021-81796)
Oracle Outside In Technology is a software development kit SDK that provides developers with a comprehensive solution for extracting, normalizing, cleaning, converting, and viewing content in more than 600 unstructured file formats. A denial of service vulnerability in the Outside In Filters...
Oracle Outside In Technology Denial of Service Vulnerability (CNVD-2021-81800)
Oracle Outside In Technology is a software development kit SDK that provides developers with a comprehensive solution for extracting, normalizing, cleaning, converting, and viewing content in more than 600 unstructured file formats. A denial of service vulnerability in the Outside In Filters...
psutil (aka python-psutil) through 5.6.5 can have a double free. This occurs because of refcount mishandling within a while or for loop that converts system data into a Python object.
...
GSD-2021-1000054 tools/power turbostat: Fix offset overflow issue in index converting
tools/power turbostat: Fix offset overflow issue in index converting This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.3 by commit...
The new Wondershare PDFelement with added features
By Sudais Asif PDFelement is an all-in-one PDF solution allowing users to edit, convert, and optimise documents securely. Here's how it works. This is a post from HackRead.com Read the original post: The new Wondershare PDFelement with added features...
KLA11942 Multiple vulnerabilities in Mozilla Firefox
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, cause denial of service, execute arbitrary code, gain privileges, spoof user interface. Below is a complete list of...
Arbitrary Code Execution
cups is vulnerable to arbitrary code execution. An integer overflow flaw, leading to a heap-based buffer overflow, was discovered in the Tagged Image File Format TIFF decoding routines used by the CUPS image-converting filters, "imagetops" and "imagetoraster". An attacker could create a malicious...
[SECURITY] Fedora 28 Update: netmask-2.4.4-1.fc28
This is a handy tool for generating terse netmasks in several common formats. If you've ever maintained a firewall with more than a few rules in it, you might use netmask to clean up and generalize sloppy rules left by the network administrator before you. It will also convert netmasks from one...