121 matches found
Buffer overflow
Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE client spice-gtk and server are affected by these flaws. These flaws allow a malicious client or server to send specially crafted messag...
Important: Red Hat Security Advisory: spice and spice-gtk security update
An update for spice and spice-gtk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Zhengzhou Gusai Network Technology Co., Ltd. 95 build site display type system has XSS vulnerabilities
95 station-building display system is a station-building system of Zhengzhou Gusai Network Technology Co. Zhengzhou Gusai Network Technology Co., Ltd. 95 build website display type system has XSS vulnerability. An attacker can exploit the vulnerability to obtain sensitive information such as user...
Stored Cross-Site Scripting Vulnerability in Ant Express Display-based System
Ant Express Station is the sincere work of MaiMaiRui Network Technology Co., Ltd. based on the latest international SaaS Software as a Service model, the company's products are based on the concept of professional Saas services, is committed to providing customers with a professional one-stop...
[SECURITY] Fedora 29 Update: spice-0.14.1-2.fc29
The Simple Protocol for Independent Computing Environments SPICE is a remote display system built for virtual environments which allows you to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine...
Oracle Linux 7 : spice (ELSA-2019-0231)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-0231 advisory. 0.14.0-6.0.2.1 - Add ARM support 0.14.0-6.1 - Fix off-by-one error during guest-to-host memory address conversion Resolves: CVE-2019-3813 Tenable has extracted...
CentOS 6 : tigervnc (CESA-2017:0630)
An update for tigervnc is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
CentOS 7 : spice (CESA-2016:1205)
An update for spice is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
RedHat Update for spice RHSA-2016:1205-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RedHat Update for tigervnc RHSA-2015:2233-03
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 22 Update: spice-0.12.6-1.fc22
The Simple Protocol for Independent Computing Environments SPICE is a remote display system built for virtual environments which allows you to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine...
Image Display System 0.8.1 Directory Existence Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4870/info IDS Image Display System is an web based photo album application written in Perl. IDS is freely available and is maintained by Ashley M. Kirchner. Users can confirm the existence and location of various...
[SECURITY] Fedora 19 Update: spice-0.12.4-1.fc19
The Simple Protocol for Independent Computing Environments SPICE is a remote display system built for virtual environments which allows you to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine...
CentOS Update for vnc CESA-2009:0261 centos4 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
[SECURITY] Fedora 15 Update: tigervnc-1.0.90-4.fc15
Virtual Network Computing VNC is a remote display system which allows you to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. This package contains a client which will allow you ...
FeiXun enterprise website management system v2011 upload vulnerabilities pass to kill 0day-vulnerability warning-the black bar safety net
Affected version: v2011 Official website: http://www.webhtm.cn PRODUCT DESCRIPTION: Suitable Agent building a Business Site of the enterprise source code, The aspect of the practical! Program description: 1. Features: simplified and Traditional Chinese switch, the product display system, news...
CVE-2002-1837
The getAlbumToDisplay function in idsShared.pm for Image Display System IDS 0.81 allows remote attackers to determine the existence of arbitrary directories via ".." sequences in the album parameter, which generates different error messages depending on whether the directory exists or not...
CVE-2002-1837
The CVE-2002-1837 vulnerability affects Image Display System (IDS) 0.81 and is triggered by getAlbumToDisplay in idsShared.pm, where using .. in the album parameter enables remote attackers to verify the existence of arbitrary directories, evidenced by different error messages depending on whethe...
DSR-wmapm.sh
/bin/sh Pretty useless, we can mess up /etc/dumpdates or run shutdown on FreeBSD systems with wmapm from ports. If wmapm is installed from source we get root instead, so I suppose this might be worth somethinguid 0 on linux. kokanin@dtors pkginfo | grep -i wmapm wmapm-3.1 Laptop battery status...
CVE-2002-1837
The getAlbumToDisplay function in idsShared.pm for Image Display System IDS 0.81 allows remote attackers to determine the existence of arbitrary directories via ".." sequences in the album parameter, which generates different error messages depending on whether the directory exists or not...