18 matches found
SUSE CVE-2018-15856
An infinite loop when reaching EOL unexpectedly in compose/parser.c (aka the keymap parser) in xkbcommon before 0.8.1 could be used by local attackers to cause a denial of service during parsing of crafted keymap files...
SUSE CVE-2018-15857
An invalid free in ExprAppendMultiKeysymList in xkbcomp/ast-build.c in xkbcommon before 0.8.1 could be used by local attackers to crash xkbcommon keymap parsers or possibly have unspecified other impact by supplying a crafted keymap file...
OPENSUSE-SU-2022:0539-1 Security update for systemd
This update for systemd fixes the following issues: - CVE-2021-3997: Fixed an uncontrolled recursion in systemd's systemd-tmpfiles (bsc#1194178). The following non-security bugs were fixed: - udev/net_id: don't generate slot based names if multiple devices might claim the same slot (bsc#1192637) -...
libxkbcommon: NULL pointer dereference when handling xkb_geometry
Unchecked NULL pointer usage in xkbcommon before 0.8.1 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because the XkbFile for an xkb_geometry section was mishandled...
DEBIAN-CVE-2018-15864
Unchecked NULL pointer usage in resolve_keysym in xkbcomp/parser.y in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because a map access attempt can occur for a map that was never created...
DEBIAN-CVE-2018-15857
An invalid free in ExprAppendMultiKeysymList in xkbcomp/ast-build.c in xkbcommon before 0.8.1 could be used by local attackers to crash xkbcommon keymap parsers or possibly have unspecified other impact by supplying a crafted keymap file...
DEBIAN-CVE-2018-15855
Unchecked NULL pointer usage in xkbcommon before 0.8.1 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because the XkbFile for an xkb_geometry section was mishandled...
PT-2018-13246 · Xkbcommon +4
Name of the Vulnerable Software and Affected Versions: xkbcommon versions prior to 0.8.1 Description: The issue is related to an infinite loop that occurs when the End Of Line (EOL) is reached unexpectedly in the keymap parser, located in compose/parser.c. This could be exploited by local attackers...
PT-2018-13245 · Xkbcommon +4
Name of the Vulnerable Software and Affected Versions: xkbcommon versions prior to 0.8.1 Description: The issue arises from unchecked NULL pointer usage in the xkbcommon parser, which can be exploited by local attackers to cause a crash due to a NULL pointer dereference. This can occur when a...
UBUNTU-CVE-2018-15857
An invalid free in ExprAppendMultiKeysymList in xkbcomp/ast-build.c in xkbcommon before 0.8.1 could be used by local attackers to crash xkbcommon keymap parsers or possibly have unspecified other impact by supplying a crafted keymap file...
UBUNTU-CVE-2018-15856
An infinite loop when reaching EOL unexpectedly in compose/parser.c (aka the keymap parser) in xkbcommon before 0.8.1 could be used by local attackers to cause a denial of service during parsing of crafted keymap files...
PT-2018-13248 · Xkbcommon +3
Name of the Vulnerable Software and Affected Versions: xkbcommon versions prior to 0.8.1 Description: The issue arises from unchecked NULL pointer usage when handling invalid aliases in the CopyKeyAliasesToKeymap function in xkbcomp/keycodes.c. This could be exploited by local attackers to crash...
PT-2018-13250 · Xkbcommon +5
Name of the Vulnerable Software and Affected Versions: xkbcommon versions prior to 0.8.2 Description: The issue is related to unchecked NULL pointer usage in the ExprResolveLhs function in xkbcomp/expr.c. This could be exploited by local attackers to crash the xkbcommon parser by supplying a...
Oracle Forms and Reports 11.1 - Remote Exploit
No description provided by source. #!/usr/bin/env ruby Exploit Title: Oracle Reports 11.1 About: Automated exploit for CVE-2012-3153/CVE-2012-3152 Google Dork: inurl:/reports/rwservlet/ Date: 01/28/2014 Exploit Author: Mekanismen Credits to: @misssudo for initial disclosure...
Oracle Forms and Reports Database Vulnerability
SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
Oracle Reports Developer Version Release 9i to 10gr2 Database Disclosure
An undocumented PARSEQUERY function in Oracle Forms and Reports allows dumping database username and passwords unauthenticated. The patch / workaround just appears to obfuscate the issue but not actually address it. Affected systems include versions 9iAS, 9iDS, 10G DS and AS, and 10G AS...
Oracle Forms And Reports Database Disclosure
PARSEQUERY http://docs.oracle.com/cd/E1676401/bi.1111/b32121/pbrcla007.htmi640592 Description Use PARSEQUERY to parse an rwservlet query and display the constructed Reports Server command line. Syntax http://yourwebserver/reports/rwservlet/parsequery?server=servername&authid=username/password...
MDVA-2008:174 : kbd
This update fixes errors in be-latin1, be2-latin1, ro-comma, ro-academic, and gr-utf8 keymaps, shipped on Mandriva Linux 2008 Spring and Mandriva Linux 2009. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security fix. Disabled on...