DEBIAN-CVE-2018-5813

An error within the "parseminolta" function dcraw/dcraw.c in LibRaw versions prior to 0.18.11 can be exploited to trigger an infinite loop via a specially crafted file...

DEBIAN-CVE-2018-5809

An error within the "LibRaw::parseexif" function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.9 can be exploited to cause a stack-based buffer overflow and subsequently execute arbitrary code...

CVE-2018-5813

An error within the "parseminolta" function dcraw/dcraw.c in LibRaw versions prior to 0.18.11 can be exploited to trigger an infinite loop via a specially crafted file...

UBUNTU-CVE-2018-5809

An error within the "LibRaw::parseexif" function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.9 can be exploited to cause a stack-based buffer overflow and subsequently execute arbitrary code...

Google Android Double Release Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. A double-release vulnerability exists in the MasteringMetadata::Parse of the mkvparser.cc file in Android, which can be exploited by remote attackers to execute code...

CVE-2018-9553

In MasteringMetadata::Parse of mkvparser.cc there is a possible double free due to an insecure default value. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1...

CVE-2018-9553

In MasteringMetadata::Parse of mkvparser.cc there is a possible double free due to an insecure default value. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1...

Double free

In MasteringMetadata::Parse of mkvparser.cc there is a possible double free due to an insecure default value. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1...

CVE-2018-9553

In MasteringMetadata::Parse of mkvparser.cc there is a possible double free due to an insecure default value. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1...

CVE-2018-9553

CVE-2018-9553 : In MasteringMetadata::Parse of mkvparser.cc, a double-free can occur due to an insecure default value, enabling remote code execution. Affected: Android devices/versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9. Exploitation requires user interaction (local attack). Evidence ties this CVE ...

dcraw floating point exception vulnerability (CNVD-2019-00790)

dcraw is a U.S. software developer David J. Coffin developed a set of open source for the camera to shoot the RAW film into PPM or TIFF format picture tool . A floating-point exception vulnerability exists in parsetiffifd in dcraw 9.28 and earlier versions, which can be exploited to cause an...

Code injection

A floating point exception in parsetiffifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code...

UBUNTU-CVE-2018-19567

A floating point exception in parsetiffifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code...

Pastego - Scrape/Parse Pastebin Using GO And Expression Grammar (PEG)

Scrape/Parse Pastebin using GO and grammar expression PEG. Installation $ go get -u github.com/edoz90/pastego Usage Search keywords are case sensitive pastego -s "password,keygen,PASSWORD" You can use boolean operators to reduce false positive pastego -s "quake && earthquake, password && php ||...

Google Android Buffer Overflow Vulnerability (CNVD-2019-27587)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. A buffer overflow vulnerability exists in the ixheaacdmpsparse.c file of ixheaacdmpsgetstridemap in the Android 9 release, which stems from a lack of boundary detection in the...

CVE-2018-9347

In function SMFParseMetaEvent of file eassmf.c there is incorrect input validation causing an infinite loop. This could lead to a remote temporary DoS with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1...

DEBIAN-CVE-2018-19211

In ncurses 6.1, there is a NULL pointer dereference at function ncparseentry in parseentry.c that will lead to a denial of service attack. The product proceeds to the dereference code path even after a "dubious character ' in name or alias field" detection...

UBUNTU-CVE-2018-19211

In ncurses 6.1, there is a NULL pointer dereference at function ncparseentry in parseentry.c that will lead to a denial of service attack. The product proceeds to the dereference code path even after a "dubious character ' in name or alias field" detection...

F5 Networks BIG-IP : Multiple Wireshark vulnerabilities (K34035645)

CVE-2018-7320 In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the SIGCOMP protocol dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by validating operand offsets. CVE-2018-7321 In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-thrift.c had a lar...

ALPINE-CVE-2018-18751

An issue was discovered in GNU gettext 0.19.8. There is a double free in defaultaddmessage in read-catalog.c, related to an invalid free in pogramparse in po-gram-gen.y, as demonstrated by lt-msgfmt...