DEBIAN-CVE-2019-11338

libavcodec/hevcdec.c in FFmpeg 3.4 and 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service NULL pointer dereference and out-of-array access or possibly have unspecified other impact via crafted HEVC data...

USN-3434-1 libidn vulnerability

It was discovered that Libidn incorrectly handled decoding certain digits. A remote attacker could use this issue to cause Libidn to crash, resulting in a denial of service, or possibly execute arbitrary code...

UBUNTU-CVE-2016-4331

When decoding data out of a dataset encoded with the H5ZNBIT decoding, the HDF5 1.8.16 library will fail to ensure that the precision is within the bounds of the size leading to arbitrary code execution...

PT-2016-1037 · Microsoft · Silverlight

Name of the Vulnerable Software and Affected Versions: Microsoft Silverlight versions prior to 5.1.41212.0 Description: The issue is related to the mishandling of negative offsets during decoding, which can be exploited by remote attackers to execute arbitrary code or cause a denial of service vi...

Mozilla Thunderbird < 12.0 Multiple Vulnerabilities

Binary data 6792.prm...

PT-2013-1054 · Ruby +1 · Ruby On Rails +1

Name of the Vulnerable Software and Affected Versions: Ruby on Rails versions 2.3.x through 2.3.15 Ruby on Rails versions 3.0.x through 3.0.19 Description: The issue affects the confidentiality, integrity, and availability of protected information. It can be exploited remotely. The problem lies i...

Mozilla Thunderbird 10.0.x < 10.0.4 Multiple Vulnerabilities

The installed version of Thunderbird 10.0.x is potentially affected by the following security issues : - An off-by-one error exists in the 'OpenType Sanitizer' that could lead to out-bounds-reads and possible code execution. CVE-2011-3062 - Memory safety issues exist that could lead to arbitrary...

CVE-2006-2906

The LZW decoding in the gdImageCreateFromGifPtr function in the Thomas Boutell graphics draw GD library aka libgd 2.0.33 allows remote attackers to cause a denial of service CPU consumption via malformed GIF data that causes an infinite loop...

CVE-2004-1315

viewtopic.php in phpBB 2.x before 2.0.11 improperly URL decodes the highlight parameter when extracting words and phrases to highlight, which allows remote attackers to execute arbitrary PHP code by double-encoding the highlight value so that special characters are inserted into the result, which...

squirrelmail -- cross site scripting vulnerability

A SquirrelMail Security Notice reports: There is a cross site scripting issue in the decoding of encoded text in certain headers. SquirrelMail correctly decodes the specially crafted header, but doesn't sanitize the decoded strings...

[security bulletin] SSRT4719 hp OpenView Select Access remote unauthorized access

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 HP SECURITY BULLETIN HPSBMA01045 REVISION: 0 SSRT4719 rev.0 hp OpenView Select Access remote unauthorized access ----------------------------------------------------------------- NOTICE: There are no restrictions for distribution of this Bulletin...

CVE-2002-0452

Foundry Networks ServerIron switches do not decode URIs when applying "url-map" rules, which could make it easier for attackers to cause the switch to forward traffic to a different server than intended and exploit vulnerabilities that would otherwise be inaccessible...

CVE-2001-1118

A module in Roxen 2.0 before 2.0.92, and 2.1 before 2.1.264, does not properly decode UTF-8, Mac and ISO-2202 encoded URLs, which could allow a remote attacker to execute arbitrary commands or view arbitrary files via an encoded URL...

MacOS_encryption_algorithm.txt

Subject: MacOS system encryption algorithm 3 To: [email protected] Sometime ago, Dawid adix Adamski sent to bugtraq the encryption algorithm in MacOS personal AppleShare server he found. I have been researching a little on this subject, and I've found his code fails when decoding the firs...