7703 matches found
[SECURITY] Fedora 30 Update: geocode-glib-3.26.1-2.fc30
geocode-glib is a convenience library for the geocoding finding longitude, and latitude from an address and reverse geocoding finding an address from coordinates. It uses Nominatim service to achieve that. It also caches reverse-geocoding requests for faster results and to avoid unnecessary se rv...
CVE-2017-16231
DISPUTED In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match in pcreexec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack th...
Arbitrary Code Execution
js-yaml is vulnerable to arbitrary code execution. The vulnerability exists through the usage of unsafe load function, which allows attackers to inject arbitrary code via a malicious YAML file using objects that have toString as key, JavaScript code as value and are used as explicit mapping keys...
Node.js third-party modules: [domokeeper] Unintended Require
I would like to report Unintended Require vulnerability in domokeeper It allows reading arbitary json files and load non-production code. Module module name: domokeeper version: 0.2.0 npm page: https://www.npmjs.com/package/domokeeper Module Description domokeeper server: a pluggable domotic...
UBUNTU-CVE-2019-11190
The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs such as /bin/su because installexeccreds is called too late in loadelfbinary in fs/binfmtelf.c, and thus the ptracemayaccess check has a race condition when reading /proc/pid/stat...
Code Injection
Overview Versions of js-yaml prior to 3.13.1 are vulnerable to Code Injection. The load function may execute arbitrary code injected through a malicious YAML file. Objects that have toString as key, JavaScript code as value and are used as explicit mapping keys allow attackers to execute the...
DEBIAN-CVE-2019-11024
The loadpnm function in frompnm.c in libsixel.a in libsixel 1.8.2 has infinite recursion...
Teeworlds integer overflow vulnerability (CNVD-2019-12514)
Teeworlds is a free online multiplayer game. An integer overflow vulnerability exists in CMap::Load in engine/shared/map.cpp in Teeworlds 0.7.2, which stems from a number generated by a networked system or product that does not properly compute or convert, and which can be exploited by an attacke...
PT-2019-12144 · Libsixel +1 · Libsixel +1
Name of the Vulnerable Software and Affected Versions: libsixel version 1.8.2 Description: The issue is related to the load pnm function in frompnm.c in libsixel.a, which has infinite recursion. Recommendations: For libsixel version 1.8.2, at the moment, there is no information about a newer...
Integer overflow
In Teeworlds 0.7.2, there is an integer overflow in CMap::Load in engine/shared/map.cpp that can lead to a buffer overflow, because multiplication of width and height is mishandled...
CVE-2019-10877
In Teeworlds 0.7.2, there is an integer overflow in CMap::Load in engine/shared/map.cpp that can lead to a buffer overflow, because multiplication of width and height is mishandled...
UBUNTU-CVE-2019-10877
In Teeworlds 0.7.2, there is an integer overflow in CMap::Load in engine/shared/map.cpp that can lead to a buffer overflow, because multiplication of width and height is mishandled...
CVE-2019-10877
In Teeworlds 0.7.2, there is an integer overflow in CMap::Load in engine/shared/map.cpp that can lead to a buffer overflow, because multiplication of width and height is mishandled...
CVE-2019-10877
In Teeworlds 0.7.2, there is an integer overflow in CMap::Load in engine/shared/map.cpp that can lead to a buffer overflow, because multiplication of width and height is mishandled...
DEBIAN-CVE-2019-10877
In Teeworlds 0.7.2, there is an integer overflow in CMap::Load in engine/shared/map.cpp that can lead to a buffer overflow, because multiplication of width and height is mishandled...
CVE-2019-10877
In Teeworlds 0.7.2, CVE-2019-10877 describes an integer overflow in CMap::Load() that could lead to a buffer overflow (width×height multiplication mishandling). Several connected advisories document fixes or updates to address this and related CVEs (2019-10879, 2019-10878, 2018-18541). Notably, o...
CVE-2019-10877
In Teeworlds 0.7.2, there is an integer overflow in CMap::Load in engine/shared/map.cpp that can lead to a buffer overflow, because multiplication of width and height is mishandled...
CVE-2019-10877
In Teeworlds 0.7.2, there is an integer overflow in CMap::Load in engine/shared/map.cpp that can lead to a buffer overflow, because multiplication of width and height is mishandled...
AIDA64 Engineer 5.99.4900 Buffer Overflow
!/usr/bin/python Exploit Title: AIDA64 Engineer 5.99.4900 - 'Load from file' Field Buffer Overflow SEH Date: 04-04-2019 Exploit Author: Anurag Srivastava and Vardan Bansal Website: www.theanuragsrivastava.in Vulnerable Software: AIDA64 Engineer Vendor Homepage: http://download.aida64.com/ Version...
AIDA64 Engineer 5.99.4900 - Load from file Field Buffer Overflow (SEH) Exploit
Exploit for windows platform in category local exploits !/usr/bin/python Exploit Title: AIDA64 Engineer 5.99.4900 - 'Load from file' Field Buffer Overflow SEH Exploit Author: Anurag Srivastava and Vardan Bansal Website: www.theanuragsrivastava.in Vulnerable Software: AIDA64 Engineer Vendor...