18 matches found

SUSE CVE
added 2025/10/29 12:25 a.m., 3 views

SUSE CVE-2025-40044

In the Linux kernel, the following vulnerability has been resolved: fs: udf: fix OOB read in lengthAllocDescs handling When parsing Allocation Extent Descriptor, lengthAllocDescs comes from on-disk data and must be validated against the block size. Crafted or corrupted images may set...

CVSS 6.3, AI score 6.4, EPSS 0.00073
Exploits 0, References 28
OSV
added 2025/10/28 11:48 a.m., 2 views

CVE-2025-40044 fs: udf: fix OOB read in lengthAllocDescs handling

In the Linux kernel, the following vulnerability has been resolved: fs: udf: fix OOB read in lengthAllocDescs handling When parsing Allocation Extent Descriptor, lengthAllocDescs comes from on-disk data and must be validated against the block size. Crafted or corrupted images may set...

AI score 6.4, EPSS 0.00073
Exploits 0, References 11
Fedora
added 2024/03/07 10:33 p.m., 18 views

[SECURITY] Fedora 40 Update: jaxb-fi-2.1.1-5.fc40

Fast Infoset Project, an Open Source implementation of the Fast Infoset Standard for Binary XML. The Fast Infoset specification ITU-T Rec. X.891 | ISO/IEC 24824-1 describes an open, standards-based "binary XML" format that is based on the XML Information Set...

CVSS 8.8, AI score 6.9, EPSS 0.45835
Exploits 3
OSV
added 2023/01/23 12:0 a.m., 20 views

ALSA-2023:0343 Moderate: libtasn1 security update

A library that provides Abstract Syntax Notation One ASN.1, as specified by the X.680 ITU-T recommendation parsing and structures management, and Distinguished Encoding Rules DER, as per X.690 encoding and decoding functions. Security Fixes: libtasn1: Out-of-bound access in ETYPEOK CVE-2021-46848...

CVSS 9.1, AI score 8, EPSS 0.00628
Exploits 1, References 4
Fedora
added 2022/12/18 1:41 a.m., 25 views

[SECURITY] Fedora 36 Update: libtasn1-4.19.0-1.fc36

A library that provides Abstract Syntax Notation One ASN.1, as specified by the X.680 ITU-T recommendation parsing and structures management, and Distinguished Encoding Rules DER, as per X.690 encoding and decoding functions...

CVSS 9.1, AI score 9.7, EPSS 0.00628
Exploits 1
Exploit DB
added 2019/05/22 12:0 a.m., 1375 views

Microsoft Windows 7/2003/2008 RDP - Remote Code Execution

RDP Blue POC by k8gege Local: Win7 python Target: Win2003 & Win2008 open 3389 import socket import sys import os import platform buf="" buf+="\x03\x00\x00\x13" TPKT, Version 3, lenght 19 buf+="\x0e\xe0\x00\x00\x00\x00\x00\x01\x00\x08\x00\x00\x00\x00\x00" ITU-T Rec X.224 buf+="\x03\x00\x01\xd6"...

CVSS 10, AI score 10, EPSS 0.94454
Exploits 123
0day.today
added 2019/02/13 12:0 a.m., 167 views

Raisecom Technology GPON-ONU HT803G-07 Command Injection (1)

Raisecom Technology GPON-ONU HT803G-07 suffers from an authenticated command injection vulnerability in the fmgponloid parameter. Raisecom Technology GPON-ONU HT803G-07 Command Injection 1 ===================================== Authenticated Shell Command Injection...

EPSS 0.00351
Exploits 3
ThreatPost
added 2018/08/12 10:0 p.m., 250 views

DEF CON 2018: Critical Bug Opens Millions of HP OfficeJet Printers to Attack

LAS VEGAS – Tens of millions of fax-ready HP OfficeJet inkjet printers are vulnerable to a simple hack that gives an attacker full control over a targeted printer. Once compromised, the all-in-one OfficeJet could act as a springboard for deeper network penetration by an attacker. Here at DEF CON,...

CVSS 9.3, AI score 0.5, EPSS 0.17351
Exploits 1, References 4
Fedora
added 2017/06/09 8:16 p.m., 33 views

[SECURITY] Fedora 26 Update: libtasn1-4.12-1.fc26

A library that provides Abstract Syntax Notation One ASN.1, as specified by the X.680 ITU-T recommendation parsing and structures management, and Distinguished Encoding Rules DER, as per X.690 encoding and decoding functions...

CVSS 8.8, AI score 3.5, EPSS 0.01587
Exploits 0
myhack58
added 2016/07/21 12:0 a.m., 18 views

Security Bulletin: ASN.1 coding in the presence of a heap memory corruption vulnerability

1. Security Bulletin information Title: Objective system integrated Co., Ltd. The design of the ASN.1 coding specification in the presence of one can lead to heap memory corruption vulnerabilities. Vulnerability CVE number: CVE-2016-5080 Announcement of the URL address:...

Exploits 0
Fedora
added 2015/05/19 4:20 p.m., 23 views

[SECURITY] Fedora 21 Update: libtasn1-4.5-1.fc21

A library that provides Abstract Syntax Notation One ASN.1, as specified by the X.680 ITU-T recommendation parsing and structures management, and Distinguished Encoding Rules DER, as per X.690 encoding and decoding functions...

CVSS 4.3, AI score 3.5, EPSS 0.06062
Exploits 1
Fedora
added 2015/04/18 9:47 a.m., 23 views

[SECURITY] Fedora 21 Update: libtasn1-4.4-1.fc21

A library that provides Abstract Syntax Notation One ASN.1, as specified by the X.680 ITU-T recommendation parsing and structures management, and Distinguished Encoding Rules DER, as per X.690 encoding and decoding functions...

CVSS 10, AI score 3.5, EPSS 0.09345
Exploits 0
Fedora
added 2014/06/04 7:52 a.m., 31 views

[SECURITY] Fedora 20 Update: libtasn1-3.6-1.fc20

A library that provides Abstract Syntax Notation One ASN.1, as specified by the X.680 ITU-T recommendation parsing and structures management, and Distinguished Encoding Rules DER, as per X.690 encoding and decoding functions...

CVSS 7.5, AI score 3.5, EPSS 0.09799
Exploits 0
Tenable Nessus
added 2010/02/24 12:0 a.m., 19 views

Debian DSA-1904-1 : wget - insufficient input validation

Daniel Stenberg discovered that wget, a network utility to retrieve files from the Web using HTTPS and FTP, is vulnerable to the 'Null Prefix Attacks Against SSL/TLS Certificates' published at the Blackhat conference some time ago. This allows an attacker to perform undetected man-in-the-middle...

CVSS 6.8, AI score 5.4, EPSS 0.01831
Exploits 1, References 3
Check Point Advisories
added 2010/02/16 12:0 a.m., 2 views

Apple QuickTime MOV File JVTCompEncodeFrame Heap Overflow (CVE-2007-2295)

Apple QuickTime is a multimedia player that supports a wide range of media formats. The software supports parsing and displaying picture files as well as numerous audio/video formats. One of the supported video formats is the ITU-T H.264 standard, also known as MPEG-4 Part 10 or Advanced Video...

CVSS 9.3, AI score 7.2, EPSS 0.40618
Exploits 1
OpenVAS
added 2009/10/13 12:0 a.m., 26 views

Debian Security Advisory DSA 1904-1 (wget)

The remote host is missing an update to wget announced via advisory DSA 1904-1. OpenVAS Vulnerability Test $Id: deb19041.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1904-1 wget Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

CVSS 6.8, EPSS 0.01831
Exploits 1
OSV
added 2009/10/09 12:0 a.m., 14 views

DSA-1904-1 wget - SSL certificate verification weakness

Bulletin has no description...

CVSS 6.8, AI score 5.7, EPSS 0.01831
Exploits 1
OSV
added 2009/08/19 12:0 a.m., 13 views

DSA-1869-1 curl - SSL certificate verification weakness

Bulletin has no description...

CVSS 7.5, AI score 5.7, EPSS 0.0733
Exploits 0