[SECURITY] Fedora 23 Update: imlib2-1.4.7-1.fc23
Imlib 2 is a library that does image file loading and saving as well as rendering, manipulation, arbitrary polygon support, etc. It does ALL of these operations FAST. Imlib2 also tries to be highly intelligent about doing them, so writing naive programs can be done easily, without sacrificing...
Ruby on Rails remote code execution vulnerability analysis (CVE-2016-0752) - vulnerability warning - the black bar safety net
If your application uses a dynamic render path, such as render params[:id], then it is unfortunately affected by a local file inclusion that can lead to remote code execution. Please update Rails to the latest version as soon as possible, or for your...
pdfium - opj_jp2_apply_pclr (libopenjpeg) Heap Based Out-of-Bounds Read
Exploit for multiple platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=626 The following crash was encountered in pdfium the Chrome PDF renderer during PDF fuzzing: --- cut --- ==9326==ERROR: AddressSanitizer: heap-buffer-overflow on addres...
Unspecified Vulnerability in Oracle E-Business Suite Oracle Approvals Management AME Page rendering Component
Oracle E-Business Suite is a new generation of e-business suite from Oracle. An unspecified security vulnerability exists in the Oracle Approvals Management AME Page rendering component within Oracle E-Business Suite, which could be exploited by remote attackers to submit a special request for...
Unspecified Vulnerability in Oracle E-Business Suite Oracle E-Business Intelligence Overview Page/Report Rendering Component (CNVD-2016-00598)
Oracle E-Business Suite is a new generation of e-business suite from Oracle. An unspecified security vulnerability exists in the Oracle E-Business Suite Oracle E-Business Intelligence Overview Page/Report Rendering component, which could be exploited by remote attackers to submit a special reques...
CVE-2016-0581
Unspecified vulnerability in the Oracle Approvals Management component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via vectors related to AME Page rendering...
CVE-2016-0581
CVE-2016-0581 concerns an unspecified vulnerability in the Oracle Approvals Management (AME) Page rendering component of Oracle E-Business Suite 11.5.10.2. The vulnerability allows remote attackers to affect confidentiality and integrity via vectors related to the AME Page rendering. The descrip...
Customer can see Internal Comment created by Automation Action
h5. Environment - run JIRA from atlas-debug - JIRA 7.0.5 - JIRA Service Desk 3.0.5 h5. Steps to reproduce Create Service Desk project go to Administration - Automation tab click New rule - Custom rule add Trigger Issue Created add Action Add comment put some Comment text and select Internal as...
Microsoft Edge Multiple Vulnerabilities (3124904)
This host is missing a critical security update according to Microsoft Bulletin MS16-002. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced source, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Adobe Flash (Multiple Scripts) - Use-After-Free When Rendering Displays (1)
Adobe Flash Multiple Scripts - Use-After-Free When Rendering Displays 1 Source: https://code.google.com/p/google-security-research/issues/detail?id=628 There is a use-after-free that appears to be related to rendering the display based on multiple scripts. A PoC is attached, tested on Windows onl...
Adobe Flash - Use-After-Free When Rendering Displays From Multiple Scripts (1)
Exploit for windows platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=628 There is a use-after-free that appears to be related to rendering the display based on multiple scripts. A PoC is attached, tested on Windows only. Note the PoC is...
Adobe Flash (Multiple Scripts) - Use-After-Free When Rendering Displays (1)
Source: https://code.google.com/p/google-security-research/issues/detail?id=628 There is a use-after-free that appears to be related to rendering the display based on multiple scripts. A PoC is attached, tested on Windows only. Note the PoC is somewhat unreliable on some browsers, sometimes it...
Google Chrome - Renderer Process to Browser Process Privilege Escalation
Exploit for windows platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=664 There is an overflow in the ui::PlatformCursor WebCursor::GetPlatformCursor method. In src/content/common/cursors/webcursoraurax11.cc, there is...
Google Chrome 'opj_dwt_decode_1*' Denial of Service Vulnerability
Google Chrome is a web browser developed by Google (United States). PDFium is an open source PDF rendering engine. In Google Chrome versions before 47.0.2526.73, the 'opj_dwt_decode_1*' function in OpenJPEG's dwt.c file, as used in PDFium, has a security vulnerability. A remote...
Google Chrome PDFium Denial of Service Vulnerability (CNVD-2015-07966)
Google Chrome is a web browser developed by Google (United States). PDFium is an open source PDF rendering engine. In Google Chrome versions before 47.0.2526.73, the 'CJBig2SymbolDict' class in the fxcodec/jbig2/JBig2SymbolDict.cpp file used in PDFium has a security...
Mozilla Thunderbird < 38.4 Multiple Vulnerabilities (Mac OS X)
The version of Thunderbird installed on the remote Mac OS X host is prior to 38.4. It is, therefore, affected by multiple vulnerabilities: - Multiple memory corruption issues exist due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit these issues, vi...
Firefox ESR < 38.4 Multiple Vulnerabilities
The version of Firefox ESR installed on the remote Windows host is prior to 38.4. It is, therefore, affected by the following vulnerabilities: - Multiple memory corruption issues exist due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit these issues...
Vulnerabilities found through code inspection — Mozilla
Security researcher Ronald Crane reported three vulnerabilities affecting released code that were found through code inspection. These included a buffer overflow in the ANGLE graphics library and two issues of missing status checks in SVG rendering and during cryptographic key manipulation. These...