190 matches found
PT-2024-39754 · Papercut · Papercut Ng/Mf
Name of the Vulnerable Software and Affected Versions: PaperCut NG/MF affected versions not specified Description: A reflected cross-site scripting XSS issue exists, allowing specially crafted JavaScript payloads to be executed in the browser. This occurs when a user clicks on a malicious link...
SUSE-SU-2024:3755-1 Security update for go1.21-openssl
This update for go1.21-openssl fixes the following issues: - CVE-2024-24791: Fixed denial of service due to improper 100-continue handling bsc1227314 - CVE-2024-24789: Fixed mishandling of corrupt central directory record in archive/zip bsc1225973 - CVE-2024-24790: Fixed unexpected behavior from ...
PaperCut NG/MF 安全漏洞
PaperCut NG/MF is a print management system from PaperCut, Inc. A security vulnerability exists in PaperCut NG/MF that originates from incorrectly creating non-existing files, which can flood disk space and cause a denial of service...
An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use this flaw to make QEMU unresponsive by sending a specially crafted payload message resulting in a denial of service.
...
QEMU: VNC: NULL pointer dereference in qemu_clipboard_request()
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemuclipboardrequest function can be reached before vncservercuttextcaps was called and had the chance to initialize the clipboard peer, leading to a NULL pointer dereference. This could allow a maliciou...
QEMU: VNC: infinite loop in inflate_buffer() leads to denial of service
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the inflatebuffer function. This could allow a remote authenticated client who is able to send a...
CVE-2024-33844
The 'control' in Parrot ANAFI USA firmware 1.10.4 does not check the MAVMISSIONTYPE0, 1, 2, 255, which allows attacker to cut off the connection between a controller and the drone by sending MAVLink MISSIONCOUNT command with a wrong MAVMISSIONTYPE...
QEMU: VNC: infinite loop in inflate_buffer() leads to denial of service
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the inflatebuffer function. This could allow a remote authenticated client who is able to send a...
PT-2024-18389 · Papercut · Papercut Ng/Mf
Name of the Vulnerable Software and Affected Versions: PaperCut NG/MF affected versions not specified Description: This issue allows an already authenticated admin user to create a malicious payload that could be leveraged for remote code execution on the server hosting the application. The...
Mitsubishi Electric Electrical discharge machines
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Corporation Equipment : Electrical discharge machines Vulnerability : Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could...
windermerecutparty.brownpapertickets.com Cross Site Scripting vulnerability OBB-3849162
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
The vulnerability of the qemu_clipboard_request() function in the embedded VNC emulator server of the QEMU hardware support allows a hacker to trigger a service failure.
The vulnerability of the qemuclipboardrequest function in the embedded VNC emulator server of the QEMU hardware emulation software is related to errors in pointer manipulation during the processing of ClientCutText messages. Exploiting this vulnerability can allow an attacker to cause a service...
UBUNTU-CVE-2023-6683
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemuclipboardrequest function can be reached before vncservercuttextcaps was called and had the chance to initialize the clipboard peer, leading to a NULL pointer dereference. This could allow a maliciou...
OESA-2023-1786 qemu security update
QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib...
CVE-2023-31046
A Path Traversal vulnerability exists in PaperCut NG before 22.1.1 and PaperCut MF before 22.1.1. Under specific conditions, this could potentially allow an authenticated attacker to achieve read-only access to the server's filesystem, because requests beginning with "GET /ui/static/..//.." reach...
The vulnerability of the XML-RPC protocol implementation in the network printing control software PaperCut NG allows a hacker to execute arbitrary commands.
The vulnerability of the XML-RPC protocol implementation in the PaperCut NG network printing control software is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...
AZL-28791 CVE-2023-3255 affecting package qemu for versions less than 6.2.0-23
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the inflatebuffer function. This could allow a remote authenticated client who is able to send a...
UBUNTU-CVE-2023-3255
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the inflatebuffer function. This could allow a remote authenticated client who is able to send a...
CVE-2023-3255 Qemu: vnc: infinite loop in inflate_buffer() leads to denial of service
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the inflatebuffer function. This could allow a remote authenticated client who is able to send a...
SUSE CVE-2023-3255
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the inflatebuffer function. This could allow a remote authenticated client who is able to send a...