
3242 matches found

Positive Technologies
added 2023/03/17 12:0 a.m. · 4 views

PT-2023-16985 · Sourcecodester · Sourcecodester Automatic Question Paper Generator System

Name of the Vulnerable Software and Affected Versions: SourceCodester Automatic Question Paper Generator System version 1.0 Description: A critical issue has been found in the GET Parameter Handler component of the file admin/courses/view course.php. The manipulation of the id argument leads to s...

9.8 CVSS · 6.9 AI score · 0.00829 EPSS
Exploits 1 · References 6
RedHat Linux
added 2023/03/15 7:58 p.m. · 42 views

Important: Red Hat Security Advisory: Synopsis: Red Hat OpenStack Platform (openstack-cinder) security update

An update for openstack-cinder is now available for Red Hat OpenStack Platform. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerabili...

5.7 CVSS · 6.8 AI score · 0.01025 EPSS
Exploits 1 · References 2
RedHat Linux
added 2023/03/15 7:58 p.m. · 52 views

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform (collectd-libpod-stats) security update

An update for collectd-libpod-stats is now available for Red Hat OpenStack Platform. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

5.3 CVSS · 6.7 AI score · 0.05623 EPSS
Exploits 0 · References 2
RedHat Linux
added 2023/03/15 9:54 a.m. · 64 views

Important: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is availabl...

7.8 CVSS · 6.9 AI score · 0.0129 EPSS
Exploits 0 · References 3
Vulnrichment
added 2023/03/13 12:0 a.m. · 3 views

CVE-2023-27052

E-Commerce System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/deleteuser.php...

9.8 AI score · 0.00752 EPSS
Exploits 1 · References 1
RedHat Linux
added 2023/03/08 2:6 p.m. · 31 views

Moderate: Red Hat Security Advisory: Logging Subsystem 5.6.3 - Red Hat OpenShift

Logging Subsystem 5.6.3 - Red Hat OpenShift. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the Referenc...

7.5 CVSS · 6.8 AI score · 0.14663 EPSS
Exploits 2 · References 5
RedHat Linux
added 2023/03/07 10:5 a.m. · 35 views

Important: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, i...

7.8 CVSS · 6.9 AI score · 0.00431 EPSS
Exploits 0 · References 2
RedHat Linux
added 2023/03/06 9:1 a.m. · 92 views

Critical: Red Hat Security Advisory: OpenShift Developer Tools and Services for OCP 4.12 security update

An update for Jenkins and Jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.12. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...

9.9 CVSS · 6.7 AI score · 0.03571 EPSS
Exploits 4 · References 16
AlmaLinux
added 2023/03/06 12:0 a.m. · 29 views

Moderate: libjpeg-turbo security update

The libjpeg-turbo packages contain a library of functions for manipulating JPEG images. They also contain simple client programs for accessing the libjpeg functions. These packages provide the same functionality and API as libjpeg but with better performance. Security Fixes: libjpeg-turbo: heap...

5.5 CVSS · 6.4 AI score · 0.01002 EPSS
Exploits 0 · References 4
OSV
added 2023/03/03 8:15 p.m. · 2 views

CVE-2023-27566

Cubism Core in Live2D Cubism Editor 4.2.03 allows out-of-bounds write via a crafted Section Offset Table or Count Info Table in an MOC3 file...

7.8 CVSS · 7.1 AI score · 0.00579 EPSS
Exploits 1 · References 4
Cvelist
added 2023/03/03 12:0 a.m. · 15 views

CVE-2023-27566

Cubism Core in Live2D Cubism Editor 4.2.03 allows out-of-bounds write via a crafted Section Offset Table or Count Info Table in an MOC3 file...

7.8 AI score · 0.00579 EPSS
Exploits 1 · References 4
CNNVD
added 2023/03/03 12:0 a.m. · 4 views

Live2D Buffer Error Vulnerability

Live2D is a deformation tool that can be used in a variety of situations from Live2D. A security vulnerability exists in Live2D Cubism Editor version 4.2.03, which stems from allowing out-of-bounds writes through carefully crafted cross-section offset tables or count information tables in MOC3...

7.8 CVSS · 7.3 AI score · 0.00579 EPSS
Exploits 1 · References 5
OSV
added 2023/03/01 1:15 a.m. · 3 views

CVE-2023-24045

In Dataiku DSS 11.2.1, an attacker can download other Dataiku files that were uploaded to the myfiles section by specifying the target username in a download request...

6.5 CVSS · 5.8 AI score
Exploits 0 · References 2
Positive Technologies
added 2023/02/24 12:0 a.m. · 1 views

PT-2023-35535 · Hdf5 · Hdf5

Name of the Vulnerable Software and Affected Versions: HDF5 affected versions not specified Description: A heap buffer overflow read issue has been identified, which can cause a crash. The crash occurs due to an overflow in the heap buffer, specifically a READ 8 operation. The issue is related to...

7.3 AI score
Exploits 0 · References 2
CNNVD
added 2023/02/19 12:0 a.m. · 3 views

Simple Customer Relationship Management SQL Injection Vulnerability

Simple Customer Relationship Management Simple CRM is a simple customer relationship management system by the individual developer Carlo Montero. A SQL injection vulnerability exists in Simple Customer Relationship Management version 1.0, which stems from a problem in the unknown section of the...

9.8 CVSS · 7.6 AI score · 0.00929 EPSS
Exploits 1 · References 5
Malwarebytes
added 2023/02/17 3:30 p.m. · 16 views

Two Supreme Court cases could change the Internet as we know it

The Supreme Court is about to reconsider Section 230, a law that's been the foundation of the way we have used the Internet for decades. The court will be handling a few cases that at first glance are about online platforms' liability for hosting accounts from foreign terrorists. But at a deeper...

0.3 AI score
Exploits 0
SUSE CVE
added 2023/02/15 6:19 a.m. · 3 views

SUSE CVE-2004-1065

Buffer overflow in the exif_read_data function in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to execute arbitrary code via a long section name in an image file...

10 CVSS · 8.3 AI score · 0.10042 EPSS
Exploits 0 · References 6
SUSE CVE
added 2023/02/15 6:19 a.m. · 3 views

SUSE CVE-2004-1090

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header."...

5 CVSS · 6.8 AI score · 0.0167 EPSS
Exploits 0 · References 4
SUSE CVE
added 2023/02/15 5:26 a.m. · 5 views

SUSE CVE-2014-8116

The ELF parser (readelf.c) in file before 5.21 allows remote attackers to cause a denial of service (CPU consumption or crash) via a large number of (1) program or (2) section headers or (3) invalid capabilities...

5 CVSS · 6.9 AI score · 0.04432 EPSS
Exploits 0 · References 24
SUSE CVE
added 2023/02/15 5:12 a.m. · 2 views

SUSE CVE-2015-8078

Integer overflow in the index_urlfetch function in imap/index.c in Cyrus IMAP 2.3.19, 2.4.18, and 2.5.6 allows remote attackers to have unspecified impact via vectors related to urlfetch range checks and the section_offset variable. NOTE: this vulnerability exists because of an incomplete fix for...

7.5 CVSS · 9.8 AI score · 0.02753 EPSS
Exploits 0 · References 6