190 matches found
Huawei Data Communication: The undo local-user idle-cut command disables the idle-cut function for local users
Checks, if the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under...
Lock and Code S1Ep12: Pinpointing identity and access management’s future with Chuck Brooks
This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to Chuck Brooks, cybersecurity evangelist and adjunct professor for Georgetown University’s Applied Intelligence Program and graduate Cybersecurity Programs...
USN-4407-1 libvncserver vulnerabilities
It was discovered that LibVNCServer incorrectly handled decompressing data. An attacker could possibly use this issue to cause LibVNCServer to crash, resulting in a denial of service. CVE-2019-15680 It was discovered that an information disclosure vulnerability existed in LibVNCServer when sendin...
The vulnerability of the ReadCUTImage function in the console-based image editing tool ImageMagick, related to the use of uninitialized resources, allows attackers to access confidential information or cause service failures.
The vulnerability of the ReadCUTImage function in the console-based ImageMagick graphics editor is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to gain access to confidential information or cause service failures...
ImageMagick: out-of-bounds write in InsertRow function in coders/cut.c
The function InsertRow in coders/cut.c in ImageMagick 7.0.7-37 allows remote attackers to cause a denial of service via a crafted image file due to an out-of-bounds write...
ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS
ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c...
Unspecified Vulnerability in Apple iOS and iPadOS Mail Attachments Component
Apple iOS and Apple iPadOS are both products of Apple Inc. Apple iOS is an operating system developed for mobile devices.Apple iPadOS is an operating system for the iPad tablet computer. A security vulnerability exists in the Mail Attachments component of Apple iOS prior to 13.4 and iPadOS prior ...
Apple Takes Heat Over 'Vulnerable' iOS Cut-and-Paste Data
Any cut-and-paste data temporarily stored to an iPhone or iPad’s memory can be accessed by all apps installed on the specific device – even malicious ones. That data can then reveal private information such as a user’s GPS coordinates, passwords, banking data or a spreadsheet copied into an email...
DEBIAN-CVE-2015-5239
Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service process crash via a CLIENTCUTTEXT message, which triggers an infinite loop...
UBUNTU-CVE-2019-15678
TightVNC code version 1.3.10 contains heap buffer overflow in rfbServerCutText handler, which can potentially result code execution.. This attack appear to be exploitable via network connectivity...
ALPINE-CVE-2019-13135
ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c...
CVE-2019-13135
ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c...
UBUNTU-CVE-2019-13135
ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c...
The vulnerability of the “Security Management Center” component of the Dr.Web Enterprise Security Suite allows a hacker to execute HTML code.
The vulnerability of the “Security Management Center” component of the Dr.Web Enterprise Security Suite exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary HTML code into the user’s browser by placin...
Monero: Zero-amount miner TX + RingCT allows monero wallet to receive arbitrary amount of monero
NOTE! Thanks for submitting a report! Please replace all the square sections below with the pertinent details. Remember, the more detail you provide, the easier it is for us to verify and then potentially issue a bounty, so be sure to take your time filling out the report! Summary: By mining a...
Secret Charges Against Julian Assange Revealed Due to "Cut-Paste" Error
Has Wikileaks founder Julian Assange officially been charged with any unspecified criminal offense in the United States? — YES United States prosecutors have accidentally revealed the existence of criminal charges against Wikileaks founder Julian Assange in a recently unsealed court filing in an...
Secret Charges Against Julian Assange Revealed Due to "Cut-Paste" Error
Has Wikileaks founder Julian Assange officially been charged with any unspecified criminal offense in the United States? — YES United States prosecutors have accidentally revealed the existence of criminal charges against Wikileaks founder Julian Assange in a recently unsealed court filing in an...
CVE-2018-9208
Unauthenticated arbitrary file upload vulnerability in jQuery Picture Cut = v1.1Beta...
CVE-2018-9208
The CVE-2018-9208 entry corresponds to an Unaithenticated arbitrary file upload vulnerability in the jQuery Picture Cut component (<= v1.1Beta). Connected sources consistently describe that an unauthenticated user can upload arbitrary files via the vulnerable upload path (e.g., upload.php), en...
CVE-2018-9208
Unauthenticated arbitrary file upload vulnerability in jQuery Picture Cut = v1.1Beta...