
522 matches found

BDU FSTEC
added 2020/04/23 12:0 a.m. · 3 views

The vulnerability of the `link` function in the PHP programming language allows attackers to gain unauthorized access to information.

The vulnerability of the link function in the PHP programming language interpreter is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to sensitive information...

7.8 CVSS · 6.5 AI score · 0.05124 EPSS
Exploits 2 · References 9 · Affected Software 4

BDU FSTEC
added 2020/04/17 12:0 a.m. · 5 views

The vulnerability of the libseccomp library lies in its lack of access control for certain functions. This allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the libseccomp library is related to deficiencies in access control for certain functions. Exploiting this vulnerability could allow an attacker to gain access to confidential data, compromise its integrity, and even cause service failures...

9.8 CVSS · 6.8 AI score · 0.03041 EPSS
Exploits 0 · References 17 · Affected Software 7

NVD
added 2020/04/14 5:15 p.m. · 12 views

CVE-2019-16879

The Synergy Systems & Solutions SSS HUSKY RTU 6049-E70, with firmware Versions 5.0 and prior, has a Missing Authentication for Critical Function CWE-306 vulnerability. The affected product does not require authentication for TELNET access, which may allow an attacker to change configuration or...

9.8 CVSS · 6.3 AI score · 0.0137 EPSS
Exploits 0 · References 1

Positive Technologies
added 2020/04/09 12:0 a.m. · 9 views

PT-2020-5472 · Sqlite +5

Name of the Vulnerable Software and Affected Versions: SQLite versions through 3.31.1 Description: The issue allows attackers to cause a denial of service, resulting in a segmentation fault, via a malformed window-function query. This is due to the mishandling of the AggInfo object's...

9.8 CVSS · 7.3 AI score · 0.88077 EPSS
Exploits 30 · References 563

NVD
added 2020/02/18 4:15 p.m. · 9 views

CVE-2019-10794

All versions of component-flatten are vulnerable to Prototype Pollution. The a function could be tricked into adding or modifying properties of Object.prototype using a `__proto__` payload...

6.5 CVSS · 6.3 AI score · 0.00726 EPSS
Exploits 0 · References 1

UbuntuCve
added 2019/12/31 12:15 a.m. · 27 views

CVE-2019-20162

An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a heap-based buffer overflow in the function gf_isom_box_parse_ex in isomedia/box_funcs.c...

5.5 CVSS · 7 AI score · 0.00896 EPSS
Exploits 1 · References 2

CVE
added 2019/12/30 11:56 p.m. · 162 views

CVE-2019-20160

GPAC versions 0.8.0 and 0.9.0-development-20191109 contain a stack-based buffer overflow in av1_parse_tile_group() within media_tools/av_parsers.c. The CVE-2019-20160 entry is corroborated across multiple sources (NVD and Red Hat, etc.). The available documents specify the vulnerable function and...

5.5 CVSS · 5.7 AI score · 0.007 EPSS
Exploits 1 · References 1 · Affected Software 1

Prion
added 2019/12/08 3:15 a.m. · 14 views

Integer overflow

An issue was discovered in libsixel 1.8.2. There is an integer overflow in the function sixel_decode_raw_impl at fromsixel.c...

7.5 CVSS · 9.6 AI score · 0.0124 EPSS
Exploits 0 · References 1 · Affected Software 1

NVD
added 2019/11/26 12:15 a.m. · 36 views

CVE-2019-18251

In Omron CX-Supervisor, Versions 3.5 12 and prior, Omron CX-Supervisor ships with Teamviewer Version 5.0.8703 QS. This version of Teamviewer is vulnerable to an obsolete function vulnerability requiring user interaction to exploit...

8.8 CVSS · 8.7 AI score · 0.01735 EPSS
Exploits 0 · References 2

Prion
added 2019/11/26 12:15 a.m. · 14 views

Design/Logic Flaw

In Omron CX-Supervisor, Versions 3.5 12 and prior, Omron CX-Supervisor ships with Teamviewer Version 5.0.8703 QS. This version of Teamviewer is vulnerable to an obsolete function vulnerability requiring user interaction to exploit...

6.8 CVSS · 8.6 AI score · 0.01735 EPSS
Exploits 0 · References 2 · Affected Software 2

Debian CVE
added 2019/11/21 8:6 p.m. · 24 views

CVE-2019-19203

An issue was discovered in Oniguruma 6.x before 6.9.4rc2. In the function gb18030_mbc_enc_len in file gb18030.c, a UChar pointer is dereferenced without checking if it passed the end of the matched string. This leads to a heap-based buffer over-read...

7.5 CVSS · 6.5 AI score · 0.04052 EPSS
Exploits 1

ICS
added 2019/11/14 12:0 a.m. · 101 views

Omron CX-Supervisor (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Omron Equipment: CX-Supervisor Vulnerability: Use of Obsolete Function 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-19-318-04 Omron CX-Supervisor...

8.8 CVSS · 8.8 AI score · 0.01735 EPSS
Exploits 0 · References 5

BDU FSTEC
added 2019/11/11 12:0 a.m. · 2 views

The vulnerability of the Open function in the VideoLAN VLC media player’s modules/demux/tta.c file allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the Open function in the VideoLAN VLC media player’s modules/demux/tta.c file is related to numerical processing errors. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause service failures...

9.3 CVSS · 6 AI score · 0.13434 EPSS
Exploits 1 · References 8 · Affected Software 2

BDU FSTEC
added 2019/09/19 12:0 a.m. · 3 views

The vulnerability of the compression function in the Zstandard library allows a hacker to execute arbitrary code.

The vulnerability of the compression function in the Zstandard library for data compression is related to synchronization errors when using a shared resource “Race Condition”. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.1 CVSS · 5.9 AI score · 0.01424 EPSS
Exploits 0 · References 9 · Affected Software 2

Positive Technologies
added 2019/07/24 12:0 a.m. · 2 views

PT-2019-13559 · Mpg321 +1

Name of the Vulnerable Software and Affected Versions: mpg321 version 0.3.2 Description: The issue allows remote attackers to trigger an out-of-bounds write via a zero bitrate in an MP3 file, specifically through the scan function in mad.c. Recommendations: For mpg321 version 0.3.2, consider...

5.5 CVSS · 6 AI score · 0.01367 EPSS
Exploits 1 · References 12

BDU FSTEC
added 2019/07/23 12:0 a.m. · 2 views

The vulnerability of the __strlen_sse2_pminub function in the infotocap utility from the ncurses-bin package allows a hacker to cause a service failure.

The vulnerability of the __strlen_sse2_pminub function located in the file sysdeps/x86_64/multiarch/strlen-sse2-pminub.S:39 in the infotocap utility from the ncurses-bin package is related to errors in pointer arithmetic. Exploiting this vulnerability could allow an attacker to cause a system failure ...

6.2 CVSS · 5.5 AI score
Exploits 0 · Affected Software 1

CNVD
added 2019/06/25 12:0 a.m. · 3 views

Mongoose Buffer Overflow Vulnerability

Cesanta Mongoose is a set of embedded server libraries from the Irish company Cesanta, which includes features such as TCP, HTTP client and server, and WebSocket client and server. A buffer overflow vulnerability exists in the 'parse_mqtt' function of the mg_mqtt.c file in Cesanta Mongoose versions pri...

9.8 CVSS · 7.3 AI score · 0.01954 EPSS
Exploits 0 · References 1

BDU FSTEC
added 2019/04/30 12:0 a.m. · 4 views

The vulnerability of the FindMe function in the microprogramming software of Cisco TelePresence Video Communication Server and the Cisco Expressway software allows a perpetrator to perform arbitrary actions within the vulnerable system.

The vulnerability of the FindMe function in the microprogramming software of Cisco TelePresence Video Communication Server and the Cisco Expressway software is related to the manipulation of inter-site requests. Exploiting this vulnerability allows a malicious actor to perform arbitrary actions o...

7.8 CVSS · 6.7 AI score · 0.00685 EPSS
Exploits 0 · References 3

CNVD
added 2019/03/25 12:0 a.m. · 2 views

Xpdf PE Vulnerability (CNVD-2019-22436)

Xpdf is a free PDF viewer and toolkit that includes a text extractor, image converter, HTML converter and more. A PE vulnerability exists in the PostScriptFunction::exec function in Function.cc in Xpdf 4.01.01 in the psOpIdiv scenario. No detailed vulnerability details are provided at this time...

5.5 CVSS · 6.8 AI score · 0.01105 EPSS
Exploits 1 · References 1

CNVD
added 2019/03/15 12:0 a.m. · 1 views

SQL injection vulnerability in joomla! Boo*** component rev*** function

joomla! is an open source content management system CMS. A SQL injection vulnerability exists in the joomla! Boo component rev function. The vulnerability allows attackers to obtain sensitive information about the database...

7.7 AI score
Exploits 0