Debian: Security Advisory (DSA-1385-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE CVE-2016-9961

game-music-emu before 0.6.1 mishandles unspecified integer values...

Denial of Service Vulnerability in ActiveRecord’s PostgreSQL adapter

There is a potential denial of service vulnerability present in ActiveRecord’s PostgreSQL adapter. This has been assigned the CVE identifier CVE-2022-44566. Versions Affected: All. Not affected: None. Fixed Versions: 6.1.7.1, 7.0.4.1 Impact In ActiveRecord 7.0.4.1 and 6.1.7.1, when a value outsid...

Improper handling of large integer values

Description In create Fee function, improper handling of large integer values in mount field value. Proof of Concept POST /demonstration/Modules.php?modname=StudentBilling/StudentFees.php HTTP/1.1 Host: www.rosariosis.org Cookie: RosarioSIS=kja39eaq6q73envhk6eo8300vgumn2612c5huvue08vgh66faog1...

OSV-2021-482 Heap-buffer-overflow in draco::MeshPredictionSchemeTexCoordsDecoder<int, draco::PredictionSchemeWrapDeco

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31587 Crash type: Heap-buffer-overflow WRITE 4 Crash state: draco::MeshPredictionSchemeTexCoordsDecoderint, draco::PredictionSchemeWrapDeco draco::MeshPredictionSchemeTexCoordsDecoderint, draco::PredictionSchemeWrapDeco...

CVE-2017-17854

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service integer overflow and memory corruption or possibly have unspecified other impact by leveraging unrestricted integer values for pointer arithmetic...

GHSA-JMM9-2P29-VH2W activerecord vulnerable to SQL Injection

Ruby on Rails 3.0.x before 3.0.4 does not ensure that arguments to the limit function specify integer values, which makes it easier for remote attackers to conduct SQL injection attacks via a non-numeric argument...

Potential SQL Injection with limit in rails/activerecord

Ruby on Rails 3.0.x before 3.0.4 does not ensure that arguments to the limit function specify integer values, which makes it easier for remote attackers to conduct SQL injection attacks via a non-numeric argument...

CVE-2016-9961

game-music-emu before 0.6.1 mishandles unspecified integer values...

CVE-2016-9961

game-music-emu before 0.6.1 mishandles unspecified integer values...

CVE-2016-9961

game-music-emu before 0.6.1 mishandles unspecified integer values...

CVE-2016-9961

CVE-2016-9961 affects Game Music Emu (game-music-emu) prior to version 0.6.1, where unspecified integer values are mishandled. The vulnerability can allow a remote attacker to entice a user to open a specially crafted SPC music file, potentially resulting in arbitrary code execution or a Denial o...

Code injection

email/provider/AttachmentProvider.java in AOSP Mail in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not ensure that certain values are integers, which allows attackers to read arbitrary attachments via a crafted applicatio...

Design/Logic Flaw

drivers/char/diag/diagfwd.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5, 5X, 6, 6P, and 7 2013 devices mishandles certain integer values, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28767796 and Qualcomm internal bug CR48340...

Adobe Flash - textfield Constructor Type Confusion

Source: https://code.google.com/p/google-security-research/issues/detail?id=701 There is a type confusion vulnerability in the TextField constructor in AS3. When a TextField is constructed, a generic backing object is created and reused when subsequent TextField objects are created. However, if a...

Schneider Electric ProClima F1BookView ActiveX Control CopyRange/SwapTables Methods Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Schneider Electric ProClima. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaws exist within the...

Scientific Linux Security Update : libtiff on SL5.x, SL6.x i386/x86_64 (20120703)

The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. libtiff did not properly convert between signed and unsigned integer values, leading to a buffer overflow. An attacker could use this flaw to create a specially crafted TIFF file that, when...

CVE-2014-7909

effects/SkDashPathEffect.cpp in Skia, as used in Google Chrome before 39.0.2171.65, computes a hash key using uninitialized integer values, which might allow remote attackers to cause a denial of service by rendering crafted data...

CVE-2014-7909

effects/SkDashPathEffect.cpp in Skia, as used in Google Chrome before 39.0.2171.65, computes a hash key using uninitialized integer values, which might allow remote attackers to cause a denial of service by rendering crafted data...

PHP <= 5.2.1 GD Extension WBMP File Integer Overflow Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/23357/info PHP's GD extension is prone to two integer-overflow vulnerabilities because it fails to ensure that integer values aren't overrun. Successfully exploiting these issues allows attackers to crash the affected...