748 matches found
Remote Code Execution (RCE)
Overview: Affected versions of this package are vulnerable to Remote Code Execution (RCE). A vulnerability exists in how WPF applications load and render XPS documents which may result in remote code execution. Remediation: Upgrade Microsoft.WindowsDesktop.App.Runtime.win-x64 to version 6.0.18, 7.0.7...
Remote Code Execution (RCE)
Overview: Affected versions of this package are vulnerable to Remote Code Execution (RCE). A vulnerability exists in how WPF applications load and render XPS documents which may result in remote code execution. Remediation: Upgrade Microsoft.WindowsDesktop.App.Runtime.win-x86 to version 6.0.18, 7.0.7...
Odoo Security Vulnerability
Odoo is an Enterprise Resource Planning (ERP) and Customer Relationship Management (CRM) system from Odoo Belgium. The system is developed in the Python language, with PostgreSQL as the database, and includes modules for sales management, inventory management, and financial management. A security...
[SECURITY] Fedora 38 Update: php-Smarty-3.1.48-1.fc38
Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. This implies that PHP code is application logic, and is separated from the presentation. Autoloader: /usr/share/php/Smarty/autoload.php...
Fedora: Security Advisory for php-Smarty (FEDORA-2023-4b03f6cd8a)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
[SECURITY] Fedora 36 Update: php-Smarty-3.1.48-1.fc36
Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. This implies that PHP code is application logic, and is separated from the presentation. Autoloader: /usr/share/php/Smarty/autoload.php...
[SECURITY] Fedora 37 Update: php-Smarty-3.1.48-1.fc37
Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. This implies that PHP code is application logic, and is separated from the presentation. Autoloader: /usr/share/php/Smarty/autoload.php...
Pakistan-Origin SideCopy Linked to New Cyberattack on India's Ministry of Defence
An advanced persistent threat (APT) group that has a track record of targeting India and Afghanistan has been linked to a new phishing campaign that delivers Action RAT. According to Cyble, which attributed the operation to SideCopy, the activity cluster is designed to target the Defence Research...
A vulnerability in the Microsoft OneNote note-taking software, related to errors in how information is presented in the user interface, allows an attacker to escalate privileges.
The vulnerability of the Microsoft OneNote note-taking software relates to information representation errors in the user interface. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...
SUSE CVE-2004-0367
Ethereal 0.10.1 to 0.10.2 allows remote attackers to cause a denial of service (crash) via a zero-length Presentation protocol selector...
SUSE CVE-2008-1082
Opera before 9.26 allows remote attackers to "bypass sanitization filters" and conduct cross-site scripting (XSS) attacks via crafted attribute values in an XML document, which are not properly handled during DOM presentation...
SUSE CVE-2014-9835
Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file...
SUSE CVE-2015-8979
Stack-based buffer overflow in the parsePresentationContext function in storescp in DICOM dcmtk-3.6.0 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a long string sent to TCP port 4242...
SUSE CVE-2016-2326
Integer overflow in the asf_write_packet function in libavformat/asfenc.c in FFmpeg before 2.8.5 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PTS (aka presentation timestamp) value in a .mov file...
SUSE CVE-2016-7872
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class related to objects at multiple presentation levels. Successful exploitation could lead to arbitrary code execution...
SUSE CVE-2020-6559
Use after free in presentation API in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Malicious Package
Overview: waffles2-presentation is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...
MAL-2023-90 Malicious code in andr0idp4r4n0id_presentation_package_1 (npm)
Source: ghsa-malware (0d8700448c42488be8c5d0f7e8b6e33da7154976ccfc453ab4024fcd714b4435). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Fedora 36 : php-Smarty (2022-52154efd61)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-52154efd61 advisory. 3.1.47 - 2022-09-14. Security: Applied appropriate javascript and html escaping in mailto plugin to counter injection attacks (#454). Fixed: Fixed use ...
nuvola - Tool To Dump And Perform Automatic And Manual Security Analysis On AWS Environments Configurations And Services
nuvola (with the lowercase n) is a tool to dump and perform automatic and manual security analysis on AWS environments configurations and services using predefined, extensible and custom rules created using a simple YAML syntax. The general idea behind this project is to create an abstracted digita...