3807 matches found
CVE-2013-5907
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the Januar...
CVE-2013-5907
CVE-2013-5907 is an Oracle Java SE vulnerability affecting multiple Java runtimes (5.0u55, 6u65, 7u45; JRockit R27.7.7/R28.2.9; Java SE Embedded 7u45; OpenJDK 7). The issue is described as an unspecified vulnerability related to the 2D component, with the root cause reportedly linked by third‑par...
ICU: Layout Engine LookupProcessor insufficient input checks (JDK 2D, 8025034)
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the Januar...
ICU: Layout Engine LookupProcessor insufficient input checks (JDK 2D, 8025034)
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the Januar...
Flash Player for Mac <= 11.7.700.257 / 11.9.900.170 Multiple Vulnerabilities (APSB14-02)
According to its version, the instance of Flash Player installed on the remote Mac OS X host is equal or prior to 11.7.700.257 / 11.8.x or 11.9.x equal or prior to 11.9.900.170. It is, therefore, potentially affected by the following vulnerabilities : - An unspecified vulnerability exists that ca...
WordPress Page Layout Builder插件"layout_settings_id"跨站脚本漏洞
WordPress是一款内容管理系统。 由于传递到wp-content/plugins/page-layout-builder/includes/layout-settings.php中"layoutsettingsid" GET参数的输入在返回用户前没有正确过滤,攻击者可以利用漏洞在受影响站点上下文的用户浏览器会话中执行任意HTML和脚本代码。 0 WordPress Page Layout Builder Plugin 1.x 厂商补丁: WordPress ----- WordPress Page Layout Builder Plugin...
[PDFMiner] Python PDF parser and analyzer
PDFMiner is a tool for extracting information from PDF documents. Unlike other PDF-related tools, it focuses entirely on getting and analyzing text data. PDFMiner allows one to obtain the exact location of text in a page, as well as other information such as fonts or lines. It includes a PDF...
MS13-106: Farewell to another ASLR bypass
Today we released MS13-106 which resolves a security feature bypass that can allow attackers to circumvent Address Space Layout Randomization ASLR using a specific DLL library HXDS.DLL provided as part of Microsoft Office 2007 and 2010. The existence of an ASLR bypass does not directly enable the...
CVE-2013-0861
The avcodecdecodeaudio4 function in libavcodec/utils.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.1 allows remote attackers to trigger memory corruption via vectors related to the channel layout...
Memory corruption
The avcodecdecodeaudio4 function in libavcodec/utils.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.1 allows remote attackers to trigger memory corruption via vectors related to the channel layout...
CVE-2013-0861
The avcodecdecodeaudio4 function in libavcodec/utils.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.1 allows remote attackers to trigger memory corruption via vectors related to the channel layout...
CVE-2013-0861
The avcodecdecodeaudio4 function in libavcodec/utils.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.1 allows remote attackers to trigger memory corruption via vectors related to the channel layout...
CVE-2013-0861
The avcodecdecodeaudio4 function in libavcodec/utils.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.1 allows remote attackers to trigger memory corruption via vectors related to the channel layout...
CVE-2013-0872
The swrinit function in libswresample/swresample.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via an invalid or unsupported 1 input or 2 output channel layout, related to an out-of-bounds array access...
CVE-2013-0872
The swrinit function in libswresample/swresample.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via an invalid or unsupported 1 input or 2 output channel layout, related to an out-of-bounds array access...
Out-of-bounds
The swrinit function in libswresample/swresample.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via an invalid or unsupported 1 input or 2 output channel layout, related to an out-of-bounds array access...
CVE-2013-0872
The swrinit function in libswresample/swresample.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via an invalid or unsupported 1 input or 2 output channel layout, related to an out-of-bounds array access...
Out-of-bounds
The SVG implementation in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service out-of-bounds read by leveraging the use of tree order, rather than transitive dependency order, for layout...
CVE-2013-6623
The SVG implementation in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service out-of-bounds read by leveraging the use of tree order, rather than transitive dependency order, for layout...
CVE-2013-6623
Removed by vendor...