The vulnerability of the PDFium PDF-content processor in Google Chrome browsers allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the PDFium PDF-content processor in the Google Chrome browser is related to a numerical overflow condition. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause service failures through the use of a...

Buffer overflow

The tochar function in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to cause a denial of service crash or possibly execute arbitrary code via a 1 large number of digits when processing a numeric...

Linux: SSH DenyUsers

The DenyUsersvariable gives the system administrator the option of denying specific users to ssh into the system. The list consists of space separated user names. Numeric user IDs are not recognized with this variable. If a system administrator wants to restrict user access further by specificall...

OpenLDAP Integer Overflow Vulnerability

OpenLDAP is an open source implementation of the Lightweight Directory Access Protocol LDAP from the OpenLDAP Foundation in the United States. A numeric error vulnerability exists in OpenLDAP version 2.4. The vulnerability arises from a network system or product not properly calculating or...

Exploit for CVE-2018-11776

Struts2-057/CVE-2018-11776两个版本RCE漏洞分析（含EXP） Ivan@360云影实验室 2018年08月24日 0x01 前言 ========= 2018年8月22日，Apache Strust2发布最新安全公告，Apache Struts2存在远程代码执行的高危漏洞（S2-057/CVE-2018-11776），该漏洞由Semmle Security Research team的安全研究员Man YueMo发现。该漏洞是由于在Struts2开发框架中使用namespace功能定义XML配置时，namespace值未被设置且在上层动作配置（Action...

CVE-2019-11046

In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP bcmath extension functions on some systems, including Windows, can be tricked into reading beyond the allocated space by supplying it with string containing characters that are identified as numeric by the OS but aren't ASCII...

UBUNTU-CVE-2019-11046

In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP bcmath extension functions on some systems, including Windows, can be tricked into reading beyond the allocated space by supplying it with string containing characters that are identified as numeric by the OS but aren't ASCII...

CVE-2019-19232

In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a numeric uid that is not associated with any user. NOTE: The software maintainer believes that this is not a vulnerability because running a command via sudo as ...

DEBIAN-CVE-2019-19232

In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a numeric uid that is not associated with any user. NOTE: The software maintainer believes that this is not a vulnerability because running a command via sudo as ...

CVE-2019-19232

In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a numeric uid that is not associated with any user. NOTE: The software maintainer believes that this is not a vulnerability because running a command via sudo as ...

UBUNTU-CVE-2019-19232

In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a numeric uid that is not associated with any user. NOTE: The software maintainer believes that this is not a vulnerability because running a command via sudo as ...

CVE-2019-19232

In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a numeric uid that is not associated with any user. NOTE: The software maintainer believes that this is not a vulnerability because running a command via sudo as ...

Vulnerability of the dwc3pci_probe() function (drivers/usb/dwc3/dwc3-pci.c) in the Linux kernel, allowing a hacker to cause a service failure

The vulnerability of the dwc3pciprobe function drivers/usb/dwc3/dwc3-pci.c in the Linux kernel is due to a numerical overflow. Exploiting this vulnerability could allow an attacker to cause a service failure remotely...

The vulnerability of the RADIANCE module, a software component used for creating 3D computer graphics in Blender, arises from integer overflow. This allows an attacker to execute arbitrary code.

The vulnerability of the RADIANCE module in the software suite used to create 3D computer graphics in Blender is due to a numerical overflow condition. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created HDR file...

The vulnerability of the animation reproduction function in Blender’s software for creating 3D computer graphics is caused by a full-integer overflow, allowing an attacker to execute arbitrary code.

The vulnerability of the animation reproduction function in Blender’s 3D computer graphics software is caused by a numerical overflow. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created AVI file...

The vulnerability of the Mesh component of the software suite used to create 3D computer graphics in Blender allows a hacker to execute arbitrary code.

The vulnerability of the Mesh component in Blender’s 3D computer graphics software is caused by a numerical overflow. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created blend file...

Rockwellautomation 1763-l16awa Inadequate Encryption Strength

A Weak Password Requirements issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; 1763-L16BWA, Series A and B, Version...

LEAD Technologies LEADTOOLS Numeric Error Vulnerability

LEAD Technologies LEADTOOLS is an image processing development kit from LEAD Technologies. A numeric error vulnerability exists in the CMP parsing function in LEAD Technologies LEADTOOLS. The vulnerability can be exploited to execute code via specially crafted CMP image files...

The vulnerability of the Skia library used by Firefox and Firefox ESR browsers, as well as the Thunderbird email client, allows attackers to trigger a service failure.

The vulnerability of the Skia library used by Firefox and Firefox ESR browsers, as well as the Thunderbird email client, is due to a numerical overflow condition. Exploiting this vulnerability can allow an attacker to cause a service failure remotely...

py-lmdb numeric error vulnerability

py-lmdb is an LMDB an embedded transactional database for Python. A numeric error vulnerability exists in py-lmdb version 0.97. The vulnerability arises from a number generated by a networked system or product that does not properly compute or convert the number. An attacker could exploit this...