177 matches found
Information Disclosure
Firefox is vulnerable to information disclosure. The vulnerability exists due to an error when processing a redirect with a conflicting Referrer-Policy. The browser adopts the redirect's Referrer-Policy, which may result in disclosure of more information than intended by the original origin...
CVE-2021-25141
A security vulnerability has been identified in certain HPE and Aruba L2/L3 switch firmware. A data processing error due to improper handling of an unexpected data type in user supplied information to the switch's management interface has been identified. The data processing error could be...
ImageMagick Input Validation Error Vulnerability (CNVD-2021-11327)
ImageMagick is a suite of open source image processing software. The software can read, convert or write images in a variety of formats. ImageMagick suffers from a security vulnerability, which stems from IntensityCompare of /magick/quantize.c, where a call to PixelPacketIntensity returns an...
CVE-2020-3565
A vulnerability in the TCP Intercept functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured Access Control Policies including Geolocation and Service Policies on an affected system. The vulnerability exists because TCP...
OSV-2020-1536 Segv on unknown address in GetValueFromLinkedList
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20923 Crash type: Segv on unknown address Crash state: GetValueFromLinkedList Magick::throwException Magick::Image::read...
PT-2020-3186 · Microsoft · Windows Address Book +1
Name of the Vulnerable Software and Affected Versions: Windows Address Book (affected versions not specified). Description: A remote code execution issue exists due to improper processing of vcard files by Windows Address Book (WAB). An attacker can exploit this by sending a malicious vcard file that...
CVE-2020-3225
Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities a...
CVE-2019-4762
IBM MQ 9.0 and 9.1 is vulnerable to a denial of service attack due to an error in the Channel processing function. IBM X-Force ID: 173625...
CVE-2016-10829
cPanel before 55.9999.141 allows arbitrary file-read operations because of a multipart form processing error (SEC-99)...
CVE-2019-1858
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the SNMP application to leak system memory, which could cause an affected device to restart unexpectedly...
Denial Of Service (DoS)
Microsoft .NET Framework is vulnerable to denial of service (DoS) attacks. A remote user could send specially crafted requests to the target .NET web application to trigger a request processing error in the Microsoft Common Object Runtime Library and cause denial of service conditions which leads...
Microsoft Edge Spoofing Vulnerability (CNVD-2019-02771)
Microsoft Windows 10 and others are operating systems released by Microsoft Corporation, USA. Edge is one of the default browsers that comes with the system. A spoofing vulnerability exists in Microsoft Edge that stems from the program's failure to properly process HTML content. A remote attacker c...
Design/Logic Flaw
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 820 and SD 820A, the input to RPMB write response function is a buffer from HLOS that needs to be authenticated using HMAC and then processed. However, some of the processing...
PostgreSQL Information Disclosure Vulnerability-01 (Feb 2018) - Windows
PostgreSQL is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2017-12318
A vulnerability in the TCP state machine of Cisco RF Gateway 1 devices could allow an unauthenticated, remote attacker to prevent an affected device from delivering switched digital video (SDV) or video on demand (VoD) streams, resulting in a denial of service (DoS) condition. The vulnerability is due ...
Cisco RF Gateway 1 TCP Connection Denial of Service Vulnerability
A vulnerability in the TCP state machine of Cisco RF Gateway 1 devices could allow an unauthenticated, remote attacker to prevent an affected device from delivering switched digital video (SDV) or video on demand (VoD) streams, resulting in a denial of service (DoS) condition. The vulnerability is due ...
Adobe Acrobat and Reader Out-of-bounds Read (APSB17-36: CVE-2017-16409)
A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the image conversion engine when processing Enhanced Metafile Format (EMF) private data. A remote attacker may exploit this vulnerability by using the out of bounds access for unintended...
Authentication flaw
A vulnerability in the web-based GUI of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication and execute actions with administrator privileges. The vulnerability is due to a processing error in the role-based access control (RBAC) of URLs. An attacker could...