4 matches found
GHSA-JFX9-29X2-RV3J pypdf can exhaust RAM via manipulated LZWDecode streams
Impact An attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing the content stream of a page using the LZWDecode filter. Patches This has been fixed in pypdf==6.1.3. Workarounds If you cannot upgrade yet, consider applying the changes from P...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 : Python vulnerabilities (USN-7710-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7710-1 advisory. It was discovered that Python inefficiently parsed maliciously crafted HTML input. An...
Nmap NSE net: http-favicon
Gets the favicon 'favorites icon' from a web page and matches it against a database of the icons of known web applications. If there is a match, the name of the application is printed; otherwise the MD5 hash of the icon data is printed. If the script argument 'favicon.uri' is given, that relative...
Microsoft Internet Explorer HTML Objects Variant Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability that occurs when the application tries to parse a specially crafted web page. Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently logged-i...