98 matches found
CVE-2018-1050
All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash...
The vulnerability of the Mac OS X operating system’s file component, which allows a hacker to trigger a service failure
The vulnerability of the Mac OS X operating system’s file component exists due to insufficient checks on input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
The vulnerability of the USIM responder in the Android operating system from the CAF repository allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the Android operating system from the CAF repository exists due to insufficient checking of input data. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information during the processing of...
PLC WinProladder Stack Buffer Overflow Vulnerability
winproladder is a free PLC programming software. PLC WinProladder suffers from a stack buffer overflow vulnerability because it fails to perform sufficient boundary checks on user-supplied input. An attacker can exploit this issue to execute arbitrary code in the context of the affected applicati...
Autotrace Heap Buffer Overflow Vulnerability
AutoTrace is a set of software for converting bitmap files Bitmap to vector files Vector. Autotrace suffers from a heap buffer overflow vulnerability that stems from the program failing to perform proper boundary checks on user-submitted input. An attacker could exploit this vulnerability to cras...
The vulnerability of the Apache Struts software platform, which allows attackers to circumvent existing access restrictions
The vulnerability of the MultiPageValidator implementation in the Apache Struts software platform exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker to bypass existing access restrictions by modifying page parameters remotely...
The vulnerability of the Cisco Unified Communications Manager system allows a intruder to trigger a service failure.
The vulnerability of the Cisco Unified Communications Manager IP telephony management system exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to cause service interruptions by sending specially crafted packets...
DSA-3581-1 libndp - security update
Bulletin has no description...
SoX Memory Corruption Vulnerability
SoX is a set of open source audio processing tools. The tool supports playback, conversion and recording of multiple audio format files. A memory corruption vulnerability exists in SoX that stems from the program failing to perform proper boundary checks on user-submitted input. An attacker could...
TestDisk 'Check_OS2MB()' method stack buffer overflow vulnerability
TestDisk is a set of disk repair tools. A stack buffer overflow vulnerability exists in the TestDisk 'CheckOS2MB' method. Due to the program failing to perform proper boundary checking on user-submitted input. An attacker could exploit this vulnerability to execute arbitrary code in the context o...
ICU: Layout Engine LookupProcessor insufficient input checks (JDK 2D, 8025034)
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the Januar...
Kent Web PostMail vulnerable to third party mail relay
Overview Kent Web PostMail, form mail software that enables sending email from web pages, contains a vulnerability which may allow the third party to relay mail as it does not properly check input. Impact An attacker could possibly compromise the mail server to send an unsolicited email. Solution...
SurgeFTP 2.3a2 - 'Content-Length' Null Pointer Denial of Service
source: https://www.securityfocus.com/bid/27993/info SurgeFTP is prone to a remote denial-of-service vulnerability because it fails to perform adequately boundary checks on user-supplied input. Exploiting this issue will cause the server to copy data to a NULL pointer, which will crash the server...
PPTP overflow
The remote PPTP server has remote buffer overflow vulnerability. The problem occurs due to insufficient sanity checks when referencing user-supplied input used in various calculations. As a result, it may be possible for an attacker to trigger a condition where sensitive memory can be corrupted...
Phpnuke module.php vulnerability and php error_reporting issue
Phpnuke module.php vulnerability and PHP errorreporting issue on 16 december by Cabezon Aurйlien | [email protected] As you know, there are many Cross site scripting issue on Phpnuke modules and other web application using PHP. There is a cross site scripting issue cause : 1 there ...
Alex Heiphetz Group eZshopper 3.0 - Remote Command Execution
Alex Heiphetz Group eZshopper 3.0 - Remote Command Execution source: https://www.securityfocus.com/bid/1014/info EZShopper is a perl-based E-Commerce software package offered by Alex Heiphetz Group, Inc. It is possible to remotely compromise a host due to a lack of checks on user input passed...
Alex Heiphetz Group eZshopper 3.0 - Remote Command Execution
source: https://www.securityfocus.com/bid/1014/info EZShopper is a perl-based E-Commerce software package offered by Alex Heiphetz Group, Inc. It is possible to remotely compromise a host due to a lack of checks on user input passed directly to the open call. This vulnerability exists in two...
Corel Linux OS 1.0 - buildxconfig
Corel Linux OS 1.0 - buildxconfig source: https://www.securityfocus.com/bid/1007/info Several vulnerabilities exist in the buildxconfig program, as included with Corel Linux 1.0. Using this program, it is likely that a local user could elevate privileges. By failing to check input to the -f and -...