20 matches found
High-Severity RCE Flaw Disclosed in Several Netgear Router Models
Networking equipment company Netgear has released patches to remediate a high-severity remote code execution vulnerability affecting multiple routers that could be exploited by remote attackers to take control of an affected system. Tracked as CVE-2021-40847 (CVSS score: 8.1), the security weakness...
Adobe Updates Flash, Reader, Acrobat on Patch Tuesday
Adobe has issued security bulletins addressing five critical vulnerabilities in its Flash, Reader and Acrobat Players that could give attackers the ability to cause crashes and wrest control of affected machines. Adobe claims it is not aware of any in-the-wild exploits targeting these bugs...
Debian DSA-2624-1 : ffmpeg - several vulnerabilities
Several vulnerabilities have been discovered in FFmpeg, a multimedia player, server and encoder. Multiple input validations in the decoders/demuxers for Shorten, Chinese AVS video, VP5, VP6, AVI, AVS and MPEG-1/2 files could lead to the execution of arbitrary code. Most of these issues were...
[SECURITY] [DSA 2624-1] ffmpeg security update
Debian Security Advisory DSA-2624-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff February 16, 2013 http://www.debian.org/security/faq -...
FreeBSD : chromium -- multiple vulnerabilities (46bd747b-5b84-11e2-b06d-00262d5ed8ee)
Google Chrome Releases reports : 162494 High CVE-2012-5145: Use-after-free in SVG layout. Credit to Atte Kettunen of OUSPG. 165622 High CVE-2012-5146: Same origin policy bypass with malformed URL. Credit to Erling A Ellingsen and Subodh Iyengar, both of Facebook. 165864 High CVE-2012-5147:...
chromium -- multiple vulnerabilities
Google Chrome Releases reports: 136643 137721 137957 High CVE-2012-2862: Use-after-free in PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team. 136968 137361 High CVE-2012-2863: Out-of-bounds writes in PDF viewer. Credit to...
Stable Channel Update
The Google Chrome team is happy to announce the arrival of Chrome 20 20.0.1132.43 to the Stable Channel for Windows, Mac, Linux, and Chrome Frame. Security fixes and rewards: Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority ...
Ubuntu: Security Advisory (USN-1478-1)
The remote host is missing an update for the...
[SECURITY] [DSA-2471-1] ffmpeg security update
Debian Security Advisory DSA-2471-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 13, 2012 http://www.debian.org/security/faq -...
Destiny Media Player 1.61 (lst File) Local Buffer Overflow Exploit #5
Exploit for unknown platform in category local exploits. Destiny Media Player 1.61 lst File Local Buffer Overflow Exploit 5 print...
Mozilla Foundation Security Advisory 2008-07
Mozilla Foundation Security Advisory 2008-07 Title: Possible information disclosure in BMP decoder Impact: Moderate Announced: February 19, 2008 Reporter: Gynvael Coldwind // Vexillium Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 2.0.0.12 Thunderbird 2.0.0.12 SeaMonkey 1.1.8...
SDL_Image 1.2.6 and prior GIF handling buffer overflow
Name : SDLImage 1.2.6 and prior GIF handling buffer overflow Type : Remote DoS / Code Execution ? Impact : Low / Medium ? Credits : Gynvael Coldwind / Team Vexillium Discovered: 2007-12-17 Published : 2008-01-23 Brief SDLImage is an open source library providing image file handling functionality...
FreeBSD : opera -- multiple vulnerabilities (31b045e7-ae75-11dc-a5f9-001a4d49522b)
Opera Software ASA reports about multiple security fixes : - Fixed an issue where plug-ins could be used to allow cross domain scripting, as reported by David Bloom. Details will be disclosed at a later date. - Fixed an issue with TLS certificates that could be used to execute arbitrary code, as...
[HISPASEC] 2K7SEPT6 Magellan Explorer 3.32 build 2305 Remote FTP Client Directory Traversal
HISPASEC Security Advisory http://blog.hispasec.com/lab/ Name : 2K7SEPT6 Magellan Explorer 3.32 build 2305 Remote FTP Client Directory Traversal Class : Remote Directory Traversal Threat level : HIGH Discovered : 2007-08-14 Published : 2007-09-06 Credit : Gynvael Coldwind Vulnerable : 3.32 built...
[HISPASEC] 2K7SEPT6 Total Commander 7.01 Remote FTP Client Directory Traversal
HISPASEC Security Advisory http://blog.hispasec.com/lab/ Name : 2K7SEPT6 Total Commander 7.01 Remote FTP Client Directory Traversal Class : Remote Directory Traversal Threat level : HIGH Discovered : 2007-08-25 Published : 2007-09-06 Credit : Gynvael Coldwind Vulnerable : 7.01 and prior == Abstra...
[HISPASEC] 2K7SEPT6 X-Diesel Unreal Commander v0.92 (build 573) multiple FTP-based vulnerabilities
HISPASEC Security Advisory http://blog.hispasec.com/lab/ Name : 2K7SEPT6 X-Diesel Unreal Commander v0.92 build 573 multiple FTP-based vulnerabilities Class : Remote directory traversal, Remote DoS Threat level : HIGH Discovered : 2007-09-06 Published : 2007-08-24 Credit : Gynvael Coldwind...
magellan-traverse.txt
HISPASEC Security Advisory http://blog.hispasec.com/lab/ Name : 2K7SEPT6 Magellan Explorer 3.32 build 2305 Remote FTP Client Directory Traversal Class : Remote Directory Traversal Threat level : HIGH Discovered : 2007-08-14 Published : 2007-09-06 Credit : Gynvael Coldwind Vulnerable : 3.32 built...
tc701-traverse.txt
HISPASEC Security Advisory http://blog.hispasec.com/lab/ Name : 2K7SEPT6 Total Commander 7.01 Remote FTP Client Directory Traversal Class : Remote Directory Traversal Threat level : HIGH Discovered : 2007-08-25 Published : 2007-09-06 Credit : Gynvael Coldwind Vulnerable : 7.01 and prior == Abstra...
xdiesel-traverse.txt
HISPASEC Security Advisory http://blog.hispasec.com/lab/ Name : 2K7SEPT6 X-Diesel Unreal Commander v0.92 build 573 multiple FTP-based vulnerabilities Class : Remote directory traversal, Remote DoS Threat level : HIGH Discovered : 2007-09-06 Published : 2007-08-24 Credit : Gynvael Coldwind...
[HISPASEC] Blizzard StarCraft Brood War 1.15.1 Remote DoS
HISPASEC Security Advisory http://blog.hispasec.com/lab/ Name : Blizzard StarCraft Brood War Remote DoS Class : Remote/Local DoS Threat level : MED Discovered : 2007-08-08 Published : 2007-08-29 Credit : Gynvael Coldwind Vulnerable : StarCraft Brood War 1.15.1 and prior StarCraft 1.15.1 and prior...