
1085 matches found

UbuntuCve
added 2017/10/27 5:29 a.m., 24 views

CVE-2017-5063

A numeric overflow in Skia in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page...

CVSS: 8.8 | AI score: 6.9 | EPSS: 0.01519
Exploits: 0 | References: 2

Prion
added 2017/10/27 5:29 a.m., 19 views

Design/Logic Flaw

A numeric overflow in Skia in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page...

CVSS: 6.8 | AI score: 8.1 | EPSS: 0.01519
Exploits: 0 | References: 6 | Affected Software: 4

NVD
added 2017/10/27 5:29 a.m., 14 views

CVE-2017-5063

A numeric overflow in Skia in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page...

CVSS: 8.8 | AI score: 8.4 | EPSS: 0.01519
Exploits: 0 | References: 6

Debian CVE
added 2017/10/27 5:00 a.m., 20 views

CVE-2017-5063

Removed by vendor...

CVSS: 8.8 | AI score: 8.7 | EPSS: 0.01519
Exploits: 0

Cvelist
added 2017/10/27 5:00 a.m., 17 views

CVE-2017-5063

A numeric overflow in Skia in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page...

AI score: 8.3 | EPSS: 0.01519
Exploits: 0 | References: 6

CVE
added 2017/10/27 5:00 a.m., 92 views

CVE-2017-5063

A numeric overflow in Skia within Google Chrome prior to 58.0.3029.81 for Linux/Windows/macOS and 58.0.3029.83 for Android allows a remote attacker to cause an out-of-bounds memory read via a crafted HTML page. Affected component: Skia in Chrome. Root cause: numeric overflow. Impact: memory read ...

CVSS: 8.8 | AI score: 6.6 | EPSS: 0.01519
Exploits: 0 | References: 6 | Affected Software: 1

BDU FSTEC
added 2017/10/26 12:00 a.m., 1 view

The vulnerability of the `xt_alloc_table_info` function in the kernel’s `net/netfilter/x_tables.c` file in the Linux operating system allows a hacker to escalate their privileges or cause service interruptions.

The vulnerability of the `xt_alloc_table_info` function in the kernel’s `net/netfilter/x_tables.c` file in the Linux operating system is caused by a numerical overflow. Exploiting this vulnerability could allow an attacker, operating locally, to increase their privileges or cause a service failure memory...

CVSS: 7.8 | AI score: 6.7 | EPSS: 0.01009
Exploits: 1 | References: 20 | Affected Software: 1

Github Security Blog
added 2017/10/24 6:33 p.m., 53 views

Rails vulnerable to Cross-site Scripting

There is an XSS vulnerability in the `number_to_currency`, `number_to_percentage` and `number_to_human` helpers in Ruby on Rails. This vulnerability has been assigned the CVE identifier CVE-2014-0081. Versions Affected: All. Fixed Versions: 4.1.0.beta2, 4.0.3, 3.2.17. Impact: These helpers allow users...

CVSS: 4.3 | AI score: 6 | EPSS: 0.04032
Exploits: 0 | References: 12 | Affected Software: 2

OSV
added 2017/10/24 6:33 p.m., 39 views

GHSA-M46P-GGM5-5J83 Rails vulnerable to Cross-site Scripting

There is an XSS vulnerability in the `number_to_currency`, `number_to_percentage` and `number_to_human` helpers in Ruby on Rails. This vulnerability has been assigned the CVE identifier CVE-2014-0081. Versions Affected: All. Fixed Versions: 4.1.0.beta2, 4.0.3, 3.2.17. Impact: These helpers allow users...

CVSS: 4.3 | AI score: 6.5 | EPSS: 0.04032
Exploits: 0 | References: 12

GitLab Advisory Database
added 2017/10/24 12:00 a.m., 37 views

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Ruby on Rails 3.0.x before 3.0.4 does not ensure that arguments to the limit function specify integer values, which makes it easier for remote attackers to conduct SQL injection attacks via a non-numeric argument...

CVSS: 7.5 | AI score: 6.3 | EPSS: 0.02173
Exploits: 1 | References: 8 | Affected Software: 1

CNVD
added 2017/10/19 12:00 a.m., 2 views

Artifex MuPDF Numeric Error Vulnerability

Artifex MuPDF is a free, lightweight PDF reader from Artifex Software. An integer overflow vulnerability exists in the `pdf_read_new_xref_section` function of the `pdf/pdf-xref.c` file in Artifex MuPDF version 1.11. A remote attacker can exploit this vulnerability to write data to an arbitrary memory location...

CVSS: 7.8 | AI score: 7.7 | EPSS: 0.00997
Exploits: 0 | References: 1

OSV
added 2017/10/05 1:29 a.m., 2 views

DEBIAN-CVE-2017-1000101

curl supports "globbing" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a...

CVSS: 6.5 | AI score: 6.8 | EPSS: 0.03875
Exploits: 0 | References: 1

OSV
added 2017/10/05 1:29 a.m., 2 views

ALPINE-CVE-2017-1000101

curl supports "globbing" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a...

CVSS: 6.5 | AI score: 6.7 | EPSS: 0.03875
Exploits: 0 | References: 1

OSV
added 2017/10/04 12:00 a.m., 1 view

UBUNTU-CVE-2017-1000101

curl supports "globbing" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a...

CVSS: 6.5 | AI score: 6.9 | EPSS: 0.03875
Exploits: 0 | References: 4

BDU FSTEC
added 2017/09/01 12:00 a.m., 3 views

The vulnerability of the Android CAF-release operating system’s supervisor allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Android CAF-release operating system’s supervisor is caused by a numerical overflow condition. Exploiting this vulnerability allows an attacker, operating remotely, to compromise the confidentiality, integrity, and accessibility of the protected information...

CVSS: 10 | AI score: 7.8 | EPSS: 0.00877
Exploits: 0 | References: 3

Tenable Nessus
added 2017/07/14 12:00 a.m., 25 views

FreeBSD : node.js -- multiple vulnerabilities (3eff66c5-66c9-11e7-aa1d-3d2e663cef42)

Updates are now available for all active Node.js release lines as well as the 7.x line. These include the fix for the high severity vulnerability identified in the initial announcement, one additional lower priority Node.js vulnerability in the 4.x release line, as well as some lower priority fix...

AI score: 5.6
Exploits: 0 | References: 2

CNVD
added 2017/07/11 12:00 a.m., 2 views

Systemd Local Elevation of Privilege Vulnerability

systemd is a Linux-based system and service manager developed by German software developer Lennart Poettering and others. It is compatible with the SysV and LSB startup scripts and provides a framework for representing dependencies between system services. A security vulnerability exists in syste...

CVSS: 10 | AI score: 6.1 | EPSS: 0.03878
Exploits: 0 | References: 1

OSV
added 2017/07/07 5:29 p.m., 1 view

DEBIAN-CVE-2017-1000082

systemd v233 and earlier fails to safely parse usernames starting with a numeric digit e.g. "0day", running the service in question with root privileges rather than the user intended...

CVSS: 9.8 | AI score: 8.2 | EPSS: 0.03878
Exploits: 0 | References: 1

OSV
added 2017/07/07 5:29 p.m., 1 view

UBUNTU-CVE-2017-1000082

systemd v233 and earlier fails to safely parse usernames starting with a numeric digit e.g. "0day", running the service in question with root privileges rather than the user intended...

CVSS: 9.8 | AI score: 6.6 | EPSS: 0.03878
Exploits: 0 | References: 3

Vulnrichment
added 2017/06/30 2:35 a.m., 4 views

CVE-2017-7903

A Weak Password Requirements issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; 1763-L16BWA, Series A and B, Version...

AI score: 7.3 | EPSS: 0.02736
Exploits: 0 | References: 2