Astra Linux - уязвимость в golang-1.15

In Go before 1.15.13 and 1.16.x before 1.16.5, some configurations of ReverseProxy from net/http/httputil result in a situation where an attacker is able to drop arbitrary headers...

Linux Distros Unpatched Vulnerability : CVE-2025-1217

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when http request module parses HTTP response obtained...

Linux Distros Unpatched Vulnerability : CVE-2021-33197

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Go before 1.15.13 and 1.16.x before 1.16.5, some configurations of ReverseProxy from net/http/httputil result in a situation where an attacker is able to dro...

BIT-LIBPHP-2020-7069 Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with opensslencrypt function with 12 bytes IV, only first 7 bytes of the IV is actually used. This can lead to both decreased security and incorrect encryption data...

Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios such as traffic from a client to a server that verifies client certificates.

...

SUSE CVE-2015-6833

Directory traversal vulnerability in the PharData class in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to write to arbitrary files via a .. dot dot in a ZIP archive entry that is mishandled during an extractTo call...

SUSE CVE-2020-7066

In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using getheaders with user-supplied URL, if the URL contains zero \0 character, the URL will be silently truncated at it. This may cause some software to make incorrect assumptions about the target of the getheade...

gd: Information disclosure in gdImageCreateFromXbm()

When using the gdImageCreateFromXbm function in the GD Graphics Library aka LibGD 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized...

Description of the security update for Outlook 2016: August 13, 2019

Description of the security update for Outlook 2016: August 13, 2019 Summary This security update resolves a remote code execution vulnerability that exists in Microsoft Outlook software if it does not correctly handle objects in memory. To learn more about the vulnerability, see Microsoft Common...

php: Missing type check when unserializing SplArray

ext/spl/splarray.c in PHP before 5.6.26 and 7.x before 7.0.11 proceeds with SplArray unserialization without validating a return value and data type, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data...

Description of the security update for 2007 Microsoft Office Suite: November 28, 2017

Description of the security update for 2007 Microsoft Office Suite: November 28, 2017 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see...

ALPINE-CVE-2017-7890

The GIF decoding function gdImageCreateFromGifCtx in gdgifin.c in the GD Graphics Library aka libgd, as used in PHP before 5.6.31 and 7.x before 7.1.7, does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitialized tables to read 700 bytes from the top of the...

VS 2008 - VS - VSDB - ENU,JPN,FRA,ITA,DEU,ESN,CHS,CHT,KOR.SP0

...

Microsoft Visual C++ 2010 SP1 - Express - All Languages

Microsoft Visual C++ 2010 SP1 Express CHS, CHT, DEU, ENU, ESN, FRA, ITA, JPN, KOR, RUS...