156 matches found
UBUNTU-CVE-2021-39593
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function swfFontExtractDefineFontInfo located in swftext.c. It allows an attacker to cause Denial of Service...
QEMU 缓冲区错误漏洞
QEMU Quick Emulator is a set of simulation processor software by Fabrice Bellard, a French individual developer. The software is fast and cross-platform. QEMU 4.1.0 suffers from a security vulnerability that stems from an out-of-bounds read flaw found in the ATI VGA implementation. It occurs in t...
Bigpipe predefine security breach
Bigpipe Predefine is a code library for managing Object.defineProperties objects in the Javascript language by the Bigpipe individual developers. A security vulnerability exists in predefine versions 0.0.0 through 0.1.2 that can be exploited by an attacker to cause a denial of service and...
osCommerce Phoenix CE Cross-Site Request Forgery Vulnerability
OsCommerce is an e-commerce and online store management software program.CE Phoenix is the official community version of osCommerce. A cross-site request forgery vulnerability exists in admin/definelanguage.php in osCommerce CE Phoenix versions prior to 1.0.5.4. No details of the vulnerability ar...
CVE-2020-27975
osCommerce Phoenix CE before 1.0.5.4 allows admin/definelanguage.php CSRF...
GHSA-9PCF-H8Q9-63F6 Sandbox Breakout / Arbitrary Code Execution in safe-eval
All versions of safe-eval are vulnerable to Sandbox Escape leading to Remote Code Execution. A payload chaining a function's callee and caller constructors can escape the sandbox and execute arbitrary code. For example, the payload = const targetKey = Object.keysthis0; Object.definePropertythis,...
Prototype Pollution
Overview deeps is a Highly performant utilities to manage deeply nested objects. get, set, merge, flatten, diff etc. Affected versions of this package are vulnerable to Prototype Pollution via the set function. POC: const deeps = require'deeps'; deeps.set, 'proto.polluted', true;...
DEBIAN-CVE-2020-17353
scm/define-stencil-commands.scm in LilyPond through 2.20.0, and 2.21.x through 2.21.4, when -dsafe is used, lacks restrictions on embedded-ps and embedded-svg, as demonstrated by including dangerous PostScript code...
CVE-2020-17353
scm/define-stencil-commands.scm in LilyPond through 2.20.0, and 2.21.x through 2.21.4, when -dsafe is used, lacks restrictions on embedded-ps and embedded-svg, as demonstrated by including dangerous PostScript code...
CVE-2019-19659
A CSRF vulnerability exists in the Web File Manager's Edit Accounts functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can take over a user account by changing the password, update users' details, and escalate privileges via RAPR/DefineUsersSet.html...
DEBIAN-CVE-2019-14665
Brandy 1.20.1 has a heap-based buffer overflow in definearray in variables.c via crafted BASIC source code...
UBUNTU-CVE-2019-14665
Brandy 1.20.1 has a heap-based buffer overflow in definearray in variables.c via crafted BASIC source code...
ghostscript: forceput in DefineResource is still accessible (700576)
It was found that the forceput operator could be extracted from the DefineResource method. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER...
The vulnerability of the DefineResource method in the Ghostscript file conversion program allows a attacker to escalate their privileges.
The vulnerability of the DefineResource method in the Ghostscript file conversion program is related to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor, operating remotely, to increase their privileges...
ghostscript: forceput in DefineResource is still accessible (700576)
It was found that the forceput operator could be extracted from the DefineResource method. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER...
UBUNTU-CVE-2019-3838
It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER...
Notepad++: Security check failure or stack buffer overrun (crash)
poc.py 1 Run poc.py 2 Open notepad++.exe 3 Go to "Define language..." 4 Use tab "Comment and Number" 5 Open 1stfield.txt and copy content to clipboard 6 Paste clipboard on "Comment line style in field Open" 7 Open 2ndfield.txt and copy content to clipboard 8 Paste clipboard on "Comment line style...
CVE-2018-6064
Type Confusion in the implementation of defineGetter in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
PT-2018-3934 · Libreoffice +4 · Libwpd +4
Name of the Vulnerable Software and Affected Versions: libwpd version 0.10.2 Description: The issue is related to a NULL pointer dereference in the WP6ContentListener::defineTable function, which can lead to a denial of service attack. This is associated with errors in pointer handling. The...
kernel: drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl()
An out-of-bounds write vulnerability was found in the Linux kernel's vmwsurfacedefineioctl function, in the 'drivers/gpu/drm/vmwgfx/vmwgfxsurface.c' file. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely...