Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the MiniZip function in zlib, by providing a long filename, comment, or extra field. Remediation Upgrade zlib to version 1.3.1 or higher. References - GitHub Commit - GitHub PR - Vulnerable Code...

WordPress Cross-Site Scripting Vulnerability (CNVD-2016-03647)

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Software Foundation. A cross-site scripting vulnerability exists in the wp-includes/wp-db.php file in versions of WordPress prior to 4.2.2, which can be exploited by remote attackers to inject arbitrary web...

DEBIAN-CVE-2015-3440

Cross-site scripting XSS vulnerability in wp-includes/wp-db.php in WordPress before 4.2.1 allows remote attackers to inject arbitrary web script or HTML via a long comment that is improperly stored because of limitations on the MySQL TEXT data type...

DEBIAN-CVE-2007-5301

Buffer overflow in the vorbisstreaminfo function in input/vorbis/vorbisengine.c aka the vorbis input plugin in AlsaPlayer before 0.99.80-rc3 allows remote attackers to execute arbitrary code via a .OGG file with long comments...

CVE-2006-5864

Stack-based buffer overflow in the psgettext function in ps.c for GNU gv 3.6.2, and possibly earlier versions, allows user-assisted attackers to execute arbitrary code via a PostScript PS file with certain headers that contain long comments, as demonstrated using the 1 DocumentMedia, 2...

CVE-2006-5864

Stack-based buffer overflow in the psgettext function in ps.c for GNU gv 3.6.2, and possibly earlier versions, allows user-assisted attackers to execute arbitrary code via a PostScript PS file with certain headers that contain long comments, as demonstrated using the 1 DocumentMedia, 2...