EUVD-2017-2585

Malware in sbrugna...

EUVD-2022-53366

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-24764

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PJSIP is a free and open source multimedia communication library written in C. Versions 2.12 and prior contain a stack buffer overflow vulnerability that affect...

DEBIAN-CVE-2022-50052

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix potential buffer overflow by snprintf snprintf returns the would-be-filled size when the string overflows the given buffer size, hence using this value may result in a buffer overflow although it's...

CVE-2024-35240

Umbraco Commerce is an open source dotnet ecommerce solution. In affected versions there exists a stored Cross-site scripting XSS issue which would enable attackers to inject malicious code into Print Functionality. This issue has been addressed in versions 12.1.4, and 10.0.5. Users are advised t...

CVE-2024-8001

A vulnerability was found in VIWIS LMS 9.11. It has been classified as critical. Affected is an unknown function of the component Print Handler. The manipulation leads to missing authorization. It is possible to launch the attack remotely. A user with the role learner can use the administrative...

CVE-2024-43362 Stored Cross-site Scripting (XSS) when creating external links in Cacti

Cacti is an open source performance and fault management framework. The fileurl parameter is not properly sanitized when saving external links in links.php . Morever, the said fileurl is placed in some html code which is passed to the print function in link.php and index.php, finally leading to...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the use of sprintf leading to unsafe data handling...

PT-2024-26404 · Umbraco · Umbraco Commerce

Name of the Vulnerable Software and Affected Versions: Umbraco Commerce versions prior to 10.0.5 Umbraco Commerce versions prior to 12.1.4 Description: The issue is a stored Cross-site scripting XSS problem that allows attackers to inject malicious code into the Print Functionality. This enables...

CVE-2023-47251

In mprivacy-tools before 2.0.406g in m-privacy TightGate-Pro Server, a Directory Traversal in the print function of the VNC service allows authenticated attackers with access to a VNC session to automatically transfer malicious PDF documents by moving them into the .spool directory, and then...

CVE-2023-47251

In mprivacy-tools before 2.0.406g in m-privacy TightGate-Pro Server, a Directory Traversal in the print function of the VNC service allows authenticated attackers with access to a VNC session to automatically transfer malicious PDF documents by moving them into the .spool directory, and then...

CVE-2023-47251

In mprivacy-tools before 2.0.406g in m-privacy TightGate-Pro Server, a Directory Traversal in the print function of the VNC service allows authenticated attackers with access to a VNC session to automatically transfer malicious PDF documents by moving them into the .spool directory, and then...

CVE-2023-37770

faust commit ee39a19 was discovered to contain a stack overflow via the component boxppShared::print at /boxes/ppbox.cpp...

PT-2023-24963 · Unknown · Kioware For Windows

Name of the Vulnerable Software and Affected Versions: KioWare for Windows versions through 8.33 Description: The issue is related to an incomplete blacklist filter for blocked dialog boxes on Windows 10. Attackers can exploit this by opening a file dialog box via the window.print function, which...

SUSE CVE-2007-6613

Stack-based buffer overflow in the printiso9660recurse function in iso-info src/iso-info.c in GNU Compact Disc Input and Control Library libcdio 0.79 and earlier allows context-dependent attackers to cause a denial of service core dump and possibly execute arbitrary code via a disk or image that...

SUSE CVE-2008-0667

The DOC.print function in the Adobe JavaScript API, as used by Adobe Acrobat and Reader before 8.1.2, allows remote attackers to configure silent non-interactive printing, and trigger the printing of an arbitrary number of copies of a document. NOTE: this issue might be subsumed by CVE-2008-0655...

SUSE CVE-2014-7913

The printoption function in dhcp-common.c in dhcpcd through 6.9.1, as used in dhcp.c in dhcpcd 5.x in Android before 5.1 and other products, misinterprets the return value of the snprintf function, which allows remote DHCP servers to execute arbitrary code or cause a denial of service memory...

SUSE CVE-2016-7927

The IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow in print-80211.c:ieee80211radioprint...

SUSE CVE-2017-13051

The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvpobjprint...

tcpdump: Buffer over-read in rsvp_obj_print() function in print-rsvp.c

An out-of-bounds read vulnerability was discovered in tcpdump while printing RSVP packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, when printed, would trigger the flaw and crash the application...