4742 matches found
CVE-2020-5844
Pandora FMS v7.0 NG (specifically v7.0NG.742_FIX_PERL2020) is affected by CVE-2020-5844. The vulnerability resides at index.php?sec=godmode/extensions&sec2=extensions/files_repo, where authenticated administrators can upload arbitrary PHP scripts and trigger execution by base64-decoding the file ...
CVE-2020-5844
index.php?sec=godmode/extensions&sec2=extensions/files_repo in Pandora FMS v7.0 NG allows authenticated administrators to upload malicious PHP scripts, and execute them via base64 decoding of the file location. This affects v7.0NG.742_FIX_PERL2020...
PT-2020-18753 · Artica · Pandora Fms
Name of the Vulnerable Software and Affected Versions: Pandora FMS version 7.0NG.742 FIX PERL2020 Description: The issue allows authenticated administrators to upload malicious PHP scripts and execute them via base64 decoding of the file location. This is achieved through the...
CVE-2020-10571
An issue was discovered in psd-tools before 1.9.4. The Cython implementation of RLE decoding did not check for malicious data...
PYSEC-2020-91
An issue was discovered in psd-tools before 1.9.4. The Cython implementation of RLE decoding did not check for malicious data...
Design/Logic Flaw
An issue was discovered in psd-tools before 1.9.4. The Cython implementation of RLE decoding did not check for malicious data...
CVE-2020-10571
The CVE-2020-10571 issue affects psd-tools prior to v1.9.4, where the Cython implementation of RLE decoding fails to validate input data. This can be triggered by malicious or malformed PSD input, with documented advisories describing a related buffer overflow scenario when the Cython path is use...
Internet Bug Bounty: CVE-2020-10938-buffer overflow/out-of-bounds write in compress.c:HuffmanDecodeImage()
Hello, There is an out-of-bounds write that is likely exploitable while performing Huffman decoding of Fax images. The technical details are as follows. Type: integer underflow produces out of bounds heap/etc write Platform: 32-bit Details: 390 MagickExport MagickPassFail HuffmanDecodeImageImage...
Libnsgif Buffer Overflow Vulnerability (CNVD-2020-16720)
Libnsgif is a decoding library for GIF image file format written in C language. A security vulnerability exists in the 'gifnextLZW' function of the libnsgif.c file in Libnsgif version 0.1.2. An attacker can exploit this vulnerability to cause a denial of service out-of-bounds read and application...
CVE-2020-10223
npdf.dll in Nitro Pro before 13.13.2.242 is vulnerable to JBIG2Decode CNxJBIG2DecodeStream Heap Corruption at npdf!CAPPDAnnotHandlerUtils::createpopupformarkup+0x12fbe via a crafted PDF document...
Design/Logic Flaw
Multiple Read overflows due to improper length checks while decoding authentication in Cs domain/RAU Reject and TC cmd in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in...
CVE-2020-9476
ARRIS TG1692A devices allow remote attackers to discover the administrator login name and password by reading the /login page and performing base64 decoding...
Design/Logic Flaw
ARRIS TG1692A devices allow remote attackers to discover the administrator login name and password by reading the /login page and performing base64 decoding...
CVE-2020-1893
Insufficient boundary checks when decoding JSON in TryParse reads out of bounds memory, potentially leading to DOS. This issue affects HHVM 4.45.0, 4.44.0, 4.43.0, 4.42.0, 4.41.0, 4.40.0, 4.39.0, versions between 4.33.0 and 4.38.0 inclusive, versions between 4.9.0 and 4.32.0 inclusive, and versio...
CVE-2020-1888
Insufficient boundary checks when decoding JSON in handleBackslash reads out of bounds memory, potentially leading to DOS. This issue affects HHVM 4.45.0, 4.44.0, 4.43.0, 4.42.0, 4.41.0, 4.40.0, 4.39.0, versions between 4.33.0 and 4.38.0 inclusive, versions between 4.9.0 and 4.32.0 inclusive, and...
UBUNTU-CVE-2020-1888
Insufficient boundary checks when decoding JSON in handleBackslash reads out of bounds memory, potentially leading to DOS. This issue affects HHVM 4.45.0, 4.44.0, 4.43.0, 4.42.0, 4.41.0, 4.40.0, 4.39.0, versions between 4.33.0 and 4.38.0 inclusive, versions between 4.9.0 and 4.32.0 inclusive, and...