28 matches found
Important: Red Hat Security Advisory: Red Hat OpenStack Services on OpenShift 18.0.18 (openstack-nova) security update
An update for openstack-nova is now available for Red Hat OpenStack Services on OpenShift 18.0.18 (Antelope). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
CVE-2025-52666
Improper neutralisation of format characters in the settings of Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes an administrator user to disable the admin user console due to a fatal PHP error...
PT-2024-41503 · 'Red Soft' · Red Database
A vulnerability in the readConfig function of the TraceConfiguration.cpp module of the Red Database database management system is caused by improper handling of the time format parameter. Exploitation of the vulnerability may allow a remote attacker to cause a denial of service...
PT-2024-33892
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The issue concerns a potential dereferencing of ERR_PTR in the Linux kernel, specifically in the uvc_v4l2.c file. This affects the find_format_by_pix and uvc_v4l2_enum_format functions...
SUSE CVE-2019-18420
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via a VCPUOP_initialise hypercall. hypercall_create_continuation() is a variadic function which uses a printf-like format string to interpret its parameters. Error handling for a bad format...
Cross-site scripting - Stored via upload `.svg` file in
Description: When a user uploads a file with a .svg extension and accesses this file directly, the server responds with Content-type: image/svg+xml, which leads to the SVG being processed as an HTML file. Proof of Concept: POST /api/resource HTTP/2 Host: demo.usememos.com Cookie:...
SUSE: Security Advisory (SUSE-SU-2022:3939-1)
The remote host is missing an update for the... SPDX-FileCopyrightText: 2022 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
SUSE-SU-2022:3939-1 Security update for rpm
This update for rpm fixes the following issues: - Fixed PGP parsing bugs (bsc#1185299). - Fixed various format handling bugs (bsc#996280). - CVE-2021-3421: Fixed vulnerability where unsigned headers could be injected into the rpm database (bsc#1183543). - CVE-2021-20271: Fixed vulnerability where a...
[SECURITY] Fedora 31 Update: ark-20.04.3-3.fc31
Ark is a program for managing various archive formats. Archives can be viewed, extracted, created and modified from within Ark. The program can handle various formats such as tar, gzip, bzip2, zip, rar and lha if appropriate command-line programs are installed...
CVE-2019-2575
Vulnerability in the Oracle AutoVue 3D Professional Advanced component of Oracle Supply Chain Products Suite (subcomponent: Format Handling - 2D). Supported versions that are affected are 21.0.0 and 21.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTT...
Design/Logic Flaw
Vulnerability in the Oracle AutoVue 3D Professional Advanced component of Oracle Supply Chain Products Suite (subcomponent: Format Handling - 2D). Supported versions that are affected are 21.0.0 and 21.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTT...
CVE-2019-2575
The vulnerability CVE-2019-2575 affects Oracle AutoVue 3D Professional Advanced (Format Handling - 2D) in Oracle Supply Chain Products Suite, impacting versions 21.0.0 and 21.0.1. The issue allows an unauthenticated attacker with network access over HTTP to read a subset of data from the affected...
Memory Corruption Vulnerability in Delta PLC Programming Software (Delta WPLSoft) Handling DVP Format
Delta PLC Programming Software (Delta WPLSoft) is a programming software. Delta PLC Programming Software (Delta WPLSoft) has a memory corruption vulnerability in the handling of DVP format files, which allows an attacker to construct a malformed DVP format that can cause a program to crash, and if...
Microsoft Office Security Feature Bypass Vulnerability (CNVD-2016-12459)
Microsoft Office is an office software suite developed by the U.S. company Microsoft. Commonly used components are Word, Excel, Access, PowerPoint, FrontPage and so on. A security feature bypass vulnerability exists in Microsoft Office software that originates when the progr...
PhotoLine Handles TIFF Image Memory Corruption Vulnerability
PhotoLine is a professional image editing software from Germany. A memory corruption vulnerability exists in the software's handling of the TIFF format, which could be exploited by attackers to construct malformed TIFF files that could crash the program...
SUSE SLED11 / SLES11 Security Update : libqt4 (SUSE-SU-2015:0977-1)
The libqt4 library was updated to fix several security issues: CVE-2015-0295: Division by zero when processing malformed BMP files. (bsc#921999) CVE-2015-1858: Segmentation fault in BMP Qt Image Format Handling. (bsc#927806) CVE-2015-1859: Segmentation fault in ICO Qt Image Format Handling. (bsc#927807)...
SUSE-SU-2015:0977-1 Security update for libqt4
The libqt4 library was updated to fix several security issues: CVE-2015-0295: Division by zero when processing malformed BMP files. (bsc#921999) CVE-2015-1858: Segmentation fault in BMP Qt Image Format Handling. (bsc#927806) CVE-2015-1859: Segmentation fault in ICO Qt Image Format Handling. (bsc#927807)...
Fedora 21 : qt5-qtbase-5.4.1-9.fc21 (2015-6364)
Multiple vulnerabilities were found in Qt image format handling of BMP, ICO and GIF files. The issues exposed included denial of service and buffer overflows leading to heap corruption. It is possible the latter could be used to perform remote code execution. See also...