3385 matches found
CVE-2023-46048
Tex Live 944e257 has a NULL pointer dereference in texk/web2c/pdftexdir/writet1.c. NOTE: this is disputed because it should be categorized as a usability problem...
CVE-2023-45925
GNU Midnight Commander 4.8.29-146-g299d9a2fb was discovered to contain a NULL pointer dereference via the function xerrorhandler at tty/x11conn.c. NOTE: this is disputed because it should be categorized as a usability problem an X operation silently fails...
UBUNTU-CVE-2023-45925
DISPUTED GNU Midnight Commander 4.8.29-146-g299d9a2fb was discovered to contain a NULL pointer dereference via the function xerrorhandler at tty/x11conn.c. NOTE: this is disputed because it should be categorized as a usability problem an X operation silently fails...
CVE-2023-31854
std::badalloc is mishandled in Precomp 0.4.8. NOTE: this is disputed because it should be categorized as a usability problem...
CVE-2023-31854
std::badalloc is mishandled in Precomp 0.4.8. NOTE: this is disputed because it should be categorized as a usability problem...
CVE-2023-45925
GNU Midnight Commander 4.8.29-146-g299d9a2fb was discovered to contain a NULL pointer dereference via the function xerrorhandler at tty/x11conn.c. NOTE: this is disputed because it should be categorized as a usability problem an X operation silently fails...
CVE-2023-46051
CVE-2023-46051 affects TeX Live 944e257, with a vulnerability in texk/web2c/pdftexdir/tounicode.c that may cause a NULL pointer dereference. The issue is documented as a potential crash (local impact) with no confidentiality or integrity loss, and a low overall base score (AV:L/AC:L/PR:N/UI:R/S:U...
CVE-2023-45925
GNU Midnight Commander 4.8.29-146-g299d9a2fb was discovered to contain a NULL pointer dereference via the function xerrorhandler at tty/x11conn.c. NOTE: this is disputed because it should be categorized as a usability problem an X operation silently fails...
CVE-2023-46049
CVE-2023-46049 describes a NULL pointer dereference in LLVM 15.0.0’s parseOneMetadata() when processing a crafted pdflatex.fmt (or possibly a crafted .o) fed to llvm-lto. The connected Nessus/OpenVAS advisories (TencentOS/Tencent Linux, EulerOS) explicitly cite this description block and note the...
CVE-2023-46049
LLVM 15.0.0 has a NULL pointer dereference in the parseOneMetadata function via a crafted pdflatex.fmt file or perhaps a crafted .o file to llvm-lto. NOTE: this is disputed because the relationship between pdflatex.fmt and any LLVM language front end is not explained, and because a crash of the...
CVE-2023-31854
CVE-2023-31854 concerns Precomp 0.4.8, where the program mishandles std::bad_alloc. The description notes that this is disputed and should be categorized as a usability problem, which is reflected across multiple sources (NVD/Red Hat/CVE listings). The connected documents confirm the affected com...
CVE-2023-46051
TeX Live 944e257 allows a NULL pointer dereference in texk/web2c/pdftexdir/tounicode.c. NOTE: this is disputed because it should be categorized as a usability problem...
CVE-2023-45925
GNU Midnight Commander 4.8.29-146-g299d9a2fb was discovered to contain a NULL pointer dereference via the function xerrorhandler at tty/x11conn.c. NOTE: this is disputed because it should be categorized as a usability problem an X operation silently fails...
CVE-2023-46051
TeX Live 944e257 allows a NULL pointer dereference in texk/web2c/pdftexdir/tounicode.c. NOTE: this is disputed because it should be categorized as a usability problem...
CVE-2023-50960
IBM QRadar SIEM is vulnerable to CVE-2023-50960, a stored cross-site scripting flaw in the Web UI. The IBM bulletin specifies affected product: IBM QRadar SIEM 7.5.0 UP7, with fix in 7.5.0 UP8; exploitation details are not provided beyond the stored XSS description, and the impact is potential cr...
SUSE SLES15 / openSUSE 15 Security Update : python-uamqp (SUSE-SU-2024:0947-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:0947-1 advisory. - The uAMQP is a C library for AMQP 1.0 communication to Azure Cloud Services. When processing an incorrect AMQPVALUE failed...
CVE-2024-24883
CVE-2024-24883 affects BdThemes Prime Slider – Addons For Elementor (WordPress). Affected versions: up to 3.11.10. Root cause: missing authorization check in bdt_duplicate_as_draft() allows authenticated users with contributor-level access and above to duplicate private/password-protected posts. ...
CVE-2024-25907
CVE-2024-25907 affects WP Media Folder plugin for WordPress (versions
CVE-2024-24850
CVE-2024-24850: Quicksand Post Filter jQuery Plugin (WordPress) <= 3.1.1 has a Missing Authorization vulnerability via quicksand_admin_ajax, allowing unauthenticated access to delete arbitrary site options (Broken Access Control). The CVE is listed with a high risk in WordPress vulnerability f...
CVE-2024-25912
CVE-2024-25912 concerns the WordPress Moveto (MoveTo) plugin by Skymoonlabs, affecting MoveTo versions from n/a through 6.2. The root issue is Missing Authorization, allowing an unauthenticated attacker to perform an Unauthenticated Settings Change. The CVSS 3.1 base score is 9.8 (Network attack ...