Lucene search

6686 matches found

Fedora
added 2016/01/30 6:27 p.m. | 27 views

[SECURITY] Fedora 23 Update: imlib2-1.4.7-1.fc23

Imlib 2 is a library that does image file loading and saving as well as rendering, manipulation, arbitrary polygon support, etc. It does ALL of these operations FAST. Imlib2 also tries to be highly intelligent about doing them, so writing naive programs can be done easily, without sacrificing...

CVSS: 7.5 | AI score: 1.4 | EPSS: 0.02709
Exploits: 0

myhack58
added 2016/01/29 12:0 a.m. | 77 views

Ruby on Rails remote code execution vulnerability analysis (CVE-2016-0752)

If your application uses a dynamic render path, such as render params[:id], then unfortunately the application is currently exposed to a local file inclusion flaw that can lead to remote code execution. Please update Rails to the latest version promptly, or for your...

CVSS: 4.3 | EPSS: 0.53703
Exploits: 2

0day.today
added 2016/01/26 12:0 a.m. | 28 views

pdfium - opj_jp2_apply_pclr (libopenjpeg) Heap Based Out-of-Bounds Read

Exploit for multiple platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=626 The following crash was encountered in pdfium the Chrome PDF renderer during PDF fuzzing: --- cut --- ==9326==ERROR: AddressSanitizer: heap-buffer-overflow on addres...

AI score: 7.4
Exploits: 0

CNVD
added 2016/01/23 12:0 a.m. | 5 views

Unspecified Vulnerability in Oracle E-Business Suite Oracle Approvals Management AME Page rendering Component

Oracle E-Business Suite is a new generation of e-business suite from Oracle. An unspecified security vulnerability exists in the Oracle Approvals Management AME Page rendering component within Oracle E-Business Suite, which could be exploited by remote attackers to submit a special request for...

CVSS: 6.4 | AI score: 6.7 | EPSS: 0.01748
Exploits: 0 | References: 1

CNVD
added 2016/01/23 12:0 a.m. | 5 views

Unspecified Vulnerability in Oracle E-Business Suite Oracle E-Business Intelligence Overview Page/Report Rendering Component (CNVD-2016-00598)

Oracle E-Business Suite is a new generation of e-business suite from Oracle. An unspecified security vulnerability exists in the Oracle E-Business Suite Oracle E-Business Intelligence Overview Page/Report Rendering component, which could be exploited by remote attackers to submit a special reques...

CVSS: 5.5 | AI score: 6.8 | EPSS: 0.01412
Exploits: 0 | References: 1

NVD
added 2016/01/21 3:2 a.m. | 11 views

CVE-2016-0581

Unspecified vulnerability in the Oracle Approvals Management component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via vectors related to AME Page rendering...

CVSS: 6.4 | AI score: 5.5 | EPSS: 0.01748
Exploits: 0 | References: 2

OSV
added 2016/01/21 3:2 a.m. | 4 views

CVE-2016-0581

Unspecified vulnerability in the Oracle Approvals Management component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via vectors related to AME Page rendering...

AI score: 5.8 | EPSS: 0.01748
Exploits: 0 | References: 2

CVE
added 2016/01/21 2:0 a.m. | 45 views

CVE-2016-0581

CVE-2016-0581 concerns an unspecified vulnerability in the Oracle Approvals Management (AME) Page rendering component of Oracle E-Business Suite 11.5.10.2. The vulnerability allows remote attackers to affect confidentiality and integrity via vectors related to the AME Page rendering. The descrip...

CVSS: 6.4 | AI score: 4.9 | EPSS: 0.01748
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2016/01/21 2:0 a.m. | 15 views

CVE-2016-0581

Unspecified vulnerability in the Oracle Approvals Management component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via vectors related to AME Page rendering...

AI score: 4.2 | EPSS: 0.01748
Exploits: 0 | References: 2

Atlassian
added 2016/01/20 12:46 p.m. | 15 views

Customer can see Internal Comment created by Automation Action

Environment: run JIRA from atlas-debug; JIRA 7.0.5; JIRA Service Desk 3.0.5. Steps to reproduce: create Service Desk project; go to Administration - Automation tab; click New rule - Custom rule; add Trigger Issue Created; add Action Add comment; put some Comment text and select Internal as...

AI score: 2
Exploits: 0 | Affected Software: 1

OpenVAS
added 2016/01/13 12:0 a.m. | 32 views

Microsoft Edge Multiple Vulnerabilities (3124904)

This host is missing a critical security update according to Microsoft Bulletin MS16-002.

CVSS: 9.6 | AI score: 6.6 | EPSS: 0.39413
Exploits: 0 | References: 2

exploitpack
added 2016/01/11 12:0 a.m. | 11 views

Adobe Flash (Multiple Scripts) - Use-After-Free When Rendering Displays (1)

Adobe Flash Multiple Scripts - Use-After-Free When Rendering Displays 1 Source: https://code.google.com/p/google-security-research/issues/detail?id=628 There is a use-after-free that appears to be related to rendering the display based on multiple scripts. A PoC is attached, tested on Windows onl...

AI score: 0.5
Exploits: 0

0day.today
added 2016/01/11 12:0 a.m. | 34 views

Adobe Flash - Use-After-Free When Rendering Displays From Multiple Scripts (1)

Exploit for windows platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=628 There is a use-after-free that appears to be related to rendering the display based on multiple scripts. A PoC is attached, tested on Windows only. Note the PoC is...

CVSS: 9.3 | AI score: 0.4 | EPSS: 0.26628
Exploits: 1

Exploit DB
added 2016/01/11 12:0 a.m. | 22 views

Adobe Flash (Multiple Scripts) - Use-After-Free When Rendering Displays (1)

Source: https://code.google.com/p/google-security-research/issues/detail?id=628 There is a use-after-free that appears to be related to rendering the display based on multiple scripts. A PoC is attached, tested on Windows only. Note the PoC is somewhat unreliable on some browsers, sometimes it...

AI score: 7.4
Exploits: 0

0day.today
added 2015/12/18 12:0 a.m. | 62 views

Google Chrome - Renderer Process to Browser Process Privilege Escalation

Exploit for windows platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=664 There is an overflow in the ui::PlatformCursor WebCursor::GetPlatformCursor method. In src/content/common/cursors/webcursoraurax11.cc, there is...

CVSS: 7.5 | AI score: 8.6 | EPSS: 0.05497
Exploits: 1

CNVD
added 2015/12/07 12:0 a.m. | 7 views

Google Chrome 'opj_dwt_decode_1*' Denial of Service Vulnerability

Google Chrome is a web browser developed by Google (United States). PDFium is an open source PDF rendering engine. In versions of Google Chrome before 47.0.2526.73, the 'opj_dwt_decode_1*' function in the dwt.c file of OpenJPEG, as used in PDFium, has a security vulnerability. A remote...

CVSS: 6.8 | AI score: 8.9 | EPSS: 0.0146
Exploits: 0 | References: 1

CNVD
added 2015/12/07 12:0 a.m. | 3 views

Google Chrome PDFium Denial of Service Vulnerability (CNVD-2015-07966)

Google Chrome is a web browser developed by Google (United States). PDFium is an open source PDF rendering engine. In versions of Google Chrome before 47.0.2526.73, the 'CJBig2SymbolDict' class in the fxcodec/jbig2/JBig2SymbolDict.cpp file of PDFium has a security...

CVSS: 7.5 | AI score: 8.8 | EPSS: 0.01682
Exploits: 0 | References: 1

Tenable Nessus
added 2015/11/30 12:0 a.m. | 38 views

Mozilla Thunderbird < 38.4 Multiple Vulnerabilities (Mac OS X)

The version of Thunderbird installed on the remote Mac OS X host is prior to 38.4. It is, therefore, affected by multiple vulnerabilities : - Multiple memory corruption issues exist due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit these issues, vi...

CVSS: 9.8 | AI score: 8.4 | EPSS: 0.10238
Exploits: 0 | References: 22

Tenable Nessus
added 2015/11/05 12:0 a.m. | 37 views

Firefox ESR < 38.4 Multiple Vulnerabilities

The version of Firefox ESR installed on the remote Windows host is prior to 38.4. It is, therefore, affected by the following vulnerabilities : - Multiple memory corruption issues exist due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit these issues...

CVSS: 9.8 | AI score: 7.6 | EPSS: 0.10238
Exploits: 0 | References: 23

Mozilla
added 2015/11/03 12:0 a.m. | 62 views

Vulnerabilities found through code inspection — Mozilla

Security researcher Ronald Crane reported three vulnerabilities affecting released code that were found through code inspection. These included a buffer overflow in the ANGLE graphics library and two issues of missing status checks in SVG rendering and during cryptographic key manipulation. These...

CVSS: 7.5 | AI score: 9.7 | EPSS: 0.03218
Exploits: 0 | References: 6 | Affected Software: 3