8 matches found
Security Bulletin: Vulnerability in expressjs express affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.
Summary Potential vulnerability in expressjs express has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information...
Opera: Multiple vulnerabilities
Background Opera is a fast web browser that is available free of charge. Description Multiple vulnerabilities have been discovered in Opera. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially crafted web page using Oper...
SWORD: Shell command injection
Background SWORD is a library for Bible study software. Description Dan Dennison reported that the diatheke.pl script used in SWORD does not properly sanitize shell meta-characters in the "range" parameter before processing it. Impact A remote attacker could provide specially crafted input to a...
uim: Privilege escalation vulnerability
Background uim is a simple, secure and flexible input method library. Description Takumi Asaki discovered that uim insufficiently checks environment variables. setuid/setgid applications linked against libuim could end up executing arbitrary code. This vulnerability only affects immodule-enabled ...
Cyrus IMAP Server: Multiple overflow vulnerabilities
Background The Cyrus IMAP Server is an efficient, highly-scalable IMAP e-mail server. Description Possible single byte overflows have been found in the imapd annotate extension and mailbox handling code. Furthermore stack buffer overflows have been found in fetchnews, the backend and imapd. Impac...
Midnight Commander: Multiple vulnerabilities
Background Midnight Commander is a visual console file manager. Description Midnight Commander contains several format string vulnerabilities CAN-2004-1004, buffer overflows CAN-2004-1005, a memory deallocation error CAN-2004-1092 and a buffer underflow CAN-2004-1176. Impact An attacker could...
GLSA-200408-22 : Mozilla, Firefox, Thunderbird, Galeon, Epiphany: New releases fix vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200408-22 Mozilla, Firefox, Thunderbird, Galeon, Epiphany: New releases fix vulnerabilities Mozilla, Galeon, Epiphany, Mozilla Firefox and Mozilla Thunderbird contain the following vulnerabilities: All Mozilla tools use libpng for...
wv: Buffer overflow vulnerability
Background The wv library allows access to MS Word files. It can parse Word files and allow other applications, such as abiword, to import those files into their native formats. Description A use of strcat without proper bounds checking leads to an exploitable buffer overflow. The vulnerable code...