Malicious code in @zalastax/nolb-_evi (npm)

The package @zalastax/nolb-evi was found to contain malicious code...

MAL-2025-9979 Malicious code in @zalastax/nolb-_evi (npm)

The package @zalastax/nolb-evi was found to contain malicious code...

evi-lingerie.gr Improper Access Control vulnerability OBB-3832552

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

SUSE CVE-2007-6429

Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via 1 a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or 2 a request containing valu...

evi-creations.com Cross Site Scripting vulnerability OBB-1230543

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

SuSE9 Security Update : XFree86-Xnest (YOU Patch Number 12043)

This update fixes various Xserver security issues. - File existence disclosure vulnerability. CVE-2007-5958 - XInput Extension Memory Corruption Vulnerability IDEF2888 CVE-2007-6427. - TOG-CUP Extension Memory Corruption Vulnerability IDEF2901 CVE-2007-6428. - EVI Extension Integer Overflow...

Mandriva Update for x11-server-xgl MDVSA-2008:025 (x11-server-xgl)

Check for the Version of x11-server-xgl OpenVAS Vulnerability Test Mandriva Update for x11-server-xgl MDVSA-2008:025 x11-server-xgl Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...

Mandriva Update for x11-server-xgl MDVSA-2008:025 (x11-server-xgl)

Check for the Version of x11-server-xgl OpenVAS Vulnerability Test Mandriva Update for x11-server-xgl MDVSA-2008:025 x11-server-xgl Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...

Ubuntu: Security Advisory (USN-571-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu Update for libxfont, xorg-server vulnerabilities USN-571-1

Ubuntu Update for Linux kernel vulnerabilities USN-571-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN5711.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for libxfont, xorg-server vulnerabilities USN-571-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

XFree86 / X.Org / NX multiple security vulnerabilities

XInput and TOG-CUP extensions memory corruption, EVI and MIT-SHM extensions integer overflows, multiple extensions array index overflows. libxfont PCF fonts parsing buffer overflow...

X.Org X Server MIT-SHM及EVI扩展整数溢出漏洞

BUGTRAQ ID: 27350,27353 CVECAN ID: CVE-2007-6429 Xorg X Server是Solaris x86平台上可用的X窗口系统显示服务器之一。 Xorg X Server的MIT-SHM扩展中负责在共享内存中创建位图的方式存在整数溢出漏洞。在分配位图的时候，服务器使用了来自请求的值验证所请求的大小没有大于所分配的共享内存。这个计算可能溢出，导致覆盖内存中的任意地址。 Xorg X...

SuSE 10 Security Update : xorg-x11-Xnest (ZYPP Patch Number 4875)

This update fixes various Xserver security issues. File existence disclosure vulnerability. CVE-2007-5958 XInput Extension Memory Corruption Vulnerability IDEF2888 CVE-2007-6427. TOG-CUP Extension Memory Corruption Vulnerability IDEF2901 CVE-2007-6428. EVI Extension Integer Overflow Vulnerability...

X.Org X server and Xfont library: Multiple vulnerabilities

Background The X Window System is a graphical windowing system based on a client/server model. Description regenrecht reported multiple vulnerabilities in various X server extension via iDefense: The XFree86-Misc extension does not properly sanitize a parameter within a PassMessage request,...

CVE-2007-6429

Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via 1 a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or 2 a request containing valu...

CVE-2007-6429

Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via 1 a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or 2 a request containing valu...

CVE-2007-6429

Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via 1 a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or 2 a request containing valu...

CVE-2007-6429

CVE-2007-6429 is a vulnerability in the X.Org Xserver (pre-1.4.1) involving integer overflows in the EVI and MIT-SHM extensions that could lead to arbitrary code execution. The initial description indicates memory allocation based on a 32-bit value in GetVisualInfo and shared-memory management de...

xfree86: integer overflow in EVI extension

Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via 1 a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or 2 a request containing valu...

Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : libxfont, xorg-server vulnerabilities (USN-571-1)

Multiple overflows were discovered in the XFree86-Misc, XInput-Misc, TOG-CUP, EVI, and MIT-SHM extensions which did not correctly validate function arguments. An authenticated attacker could send specially crafted requests and gain root privileges. CVE-2007-5760, CVE-2007-6427, CVE-2007-6428,...