170 matches found
SUSE SLED15 / SLES15 Security Update : grub2 (SUSE-SU-2022:2064-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2064-1 advisory. - A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. An attacker may tak...
SUSE: Security Advisory (SUSE-SU-2022:2038-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for grub2 (SUSE-SU-2022:2035-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
PT-2022-6168
Name of the Vulnerable Software and Affected Versions grub2 versions prior to 2.12 Description A crafted 16-bit grayscale PNG image may lead to an out-of-bounds write in the heap area, potentially causing heap data corruption or arbitrary code execution, and circumventing secure boot protections...
grub2 缓冲区错误漏洞
grub2 is a Linux system boot program from the GNU community. A buffer error vulnerability exists in grub2, which can be exploited by an attacker to cause an out-of-bounds write in the heap via a carefully crafted PNG grayscale image...
June 27, 2019—KB4501375 (OS Build 18362.207)
June 27, 2019—KB4501375 OS Build 18362.207 Note Follow @WindowsUpdate to find out when new content is published to the release information dashboard. Improvements and fixes This update includes quality improvements. Key changes include: Addresses an issue with Hyper-V virtualization on a specific...
PT-2019-5355 · Imagemagick +4 · Imagemagick +4
Name of the Vulnerable Software and Affected Versions: ImageMagick versions 7.0.8-40 Q16 Description: The issue is related to a heap-based buffer over-read in the WritePNMImage function of coders/pnm.c, which can be exploited by an attacker to cause a denial of service or possibly disclose...
DEBIAN-CVE-2016-9601
ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2decodegrayscaleimage function which is used to decode halftone segments in a JBIG2 image. A document PostScript or PDF with an embedded, specially crafted, jbig2 image could trigge...
Debian DLA-117-1 : qt4-x11 security update
CVE-2011-3193 Check for buffer overflow in LookupMarkMarkPos that may cause crash in this function with certain fonts. CVE-2011-3194 Fix tiff reader to handle TIFFTAGSAMPLESPERPIXEL for grayscale images. The reader uses QImage::FormatIndexed8, but since the samples per pixel value this should be...
Grayscale BandSite CMS 1.1 photo_content.php the_band Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to access sensitive informatio...
Grayscale BandSite CMS 1.1 pastshows_content.php the_band Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to access sensitive informatio...
Grayscale BandSite CMS 1.1 login_header.php the_band Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to access sensitive informatio...
BandSite CMS <= 1.1.1 (root_path) Remote File Include Vulnerabilities
No description provided by source. --------------------------------------------------------------------------- Grayscale BandSite CMS =rootpath Remote File Include Vulnerabilities --------------------------------------------------------------------------- Discovered By Kw3RLn Romanian Security Te...
Grayscale BandSite CMS 1.1 reviews_content.php the_band Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to access sensitive informatio...
Grayscale BandSite CMS 1.1 news_content.php the_band Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to access sensitive informatio...
Grayscale BandSite CMS 1.1 footer.php this_year Parameter XSS
No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register from urlparse import urljoin class TestPOCPOCBase: vulID = 'SSV-82196' vul ID version = '1' author = 'fenghh' vulDate =...
Grayscale BandSite CMS 1.1 lyrics_content.php the_band Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to access sensitive informatio...
Grayscale BandSite CMS 1.1 shows_content.php the_band Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to access sensitive informatio...
Grayscale BandSite CMS 1.1 help_merch.php the_band Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to access sensitive informatio...
Grayscale BandSite CMS 1.1 links_content.php the_band Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to access sensitive informatio...