EUVD-2012-2311

Malware in sbrugna...

EUVD-2012-3512

Malware in sbrugna...

mutt: null pointer dereference

A null pointer dereference flaw was found in mutt when handling specially crafted characters. This issue could allow an attacker to send a specially crafted email that causes the email client to crash when reading or processing the email...

mutt: null pointer dereference

A null pointer dereference flaw was found in mutt when handling specially crafted characters. This issue could allow an attacker to send a specially crafted email that causes the email client to crash when reading or processing the email...

DEBIAN-CVE-2023-28101

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions prior to 1.10.8, 1.12.8, 1.14.4, and 1.15.4, if an attacker publishes a Flatpak app with elevated permissions, they can hide those permissions from users of the flatpak1 command-line...

UBUNTU-CVE-2023-28101

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions prior to 1.10.8, 1.12.8, 1.14.4, and 1.15.4, if an attacker publishes a Flatpak app with elevated permissions, they can hide those permissions from users of the flatpak1 command-line...

CVE-2019-20858

An issue was discovered in Mattermost Server before 5.15.0. It allows attackers to cause a denial of service CPU consumption via crafted characters in a SQL LIKE clause to an APIv4 endpoint...

The vulnerability of the International Components for Unicode library allows a attacker to trigger a service failure or cause other adverse effects.

The vulnerability of the collator implementation i18n/ucol.cpp in the International Components for Unicode library is related to resource management errors. Exploiting this vulnerability may allow a malicious actor to cause service failures or other effects through a specially crafted sequence of...

Design/Logic Flaw

The CLI parser in Cisco NX-OS 4.12E11, 6.211b, 6.212, 7.20ZZ99.1, 7.20ZZ99.3, and 9.11SV13.1.8 on Nexus devices allows local users to execute arbitrary OS commands via crafted characters in a filename, aka Bug IDs CSCuv08491, CSCuv08443, CSCuv08480, CSCuv08448, CSCuu99291, CSCuv08434, and...

CVE-2015-4237

The CLI parser in Cisco NX-OS 4.12E11, 6.211b, 6.212, 7.20ZZ99.1, 7.20ZZ99.3, and 9.11SV13.1.8 on Nexus devices allows local users to execute arbitrary OS commands via crafted characters in a filename, aka Bug IDs CSCuv08491, CSCuv08443, CSCuv08480, CSCuv08448, CSCuu99291, CSCuv08434, and...

Oracle Solaris Third-Party Patch Update : pidgin (multiple_vulnerabilities_in_pidgin)

The remote Solaris system is missing necessary patches to address security updates : - proxy.c in libpurple in Pidgin before 2.10.4 does not properly handle canceled SOCKS5 connection attempts, which allows user-assisted remote authenticated users to cause a denial of service application crash vi...

CVE-2014-1346

WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, does not properly interpret Unicode encoding, which allows remote attackers to spoof a postMessage origin, and bypass intended restrictions on sending a message to a connected frame or window, via crafted characters in a URL...

Spoofing

Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 allows remote attackers to cause a denial of service application crash or hang via crafted character sequences in JSON data, aka "JSON Parsing Vulnerability."...

CVE-2012-4950

Cross-site scripting XSS vulnerability in the Keyword Search page in the web interface in Pattern Insight 2.3 allows remote attackers to inject arbitrary web script or HTML via crafted characters that are not properly handled during construction of error messages...

Cross site scripting

Cross-site scripting XSS vulnerability in the Keyword Search page in the web interface in Pattern Insight 2.3 allows remote attackers to inject arbitrary web script or HTML via crafted characters that are not properly handled during construction of error messages...

CVE-2012-4950

Cross-site scripting XSS vulnerability in the Keyword Search page in the web interface in Pattern Insight 2.3 allows remote attackers to inject arbitrary web script or HTML via crafted characters that are not properly handled during construction of error messages...

pidgin: Improper validation of incoming plaintext messages in MSN protocol plug-in

msg.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.4 does not properly handle crafted characters, which allows remote servers to cause a denial of service application crash by placing these characters in a text/plain message...

CVE-2012-2318

msg.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.4 does not properly handle crafted characters, which allows remote servers to cause a denial of service application crash by placing these characters in a text/plain message...

DEBIAN-CVE-2012-2318

msg.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.4 does not properly handle crafted characters, which allows remote servers to cause a denial of service application crash by placing these characters in a text/plain message...

Opera Multiple Denial of Service Vulnerabilities - June12 (Linux)

The host is installed with Opera and is prone to multiple denial of service vulnerabilities. OpenVAS Vulnerability Test $Id: gboperamultdosvulnjune12lin.nasl 6018 2017-04-24 09:02:24Z teissa $ Opera Multiple Denial of Service Vulnerabilities - June12 Linux Authors: Sooraj KS Copyright: Copyright ...