3242 matches found
CVE-2018-20671
load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size...
Mail.ru: Stored XSS in Review Section https://games.mail.ru/
Stored XSS via malcrafted link bbcode in review editor...
EulerOS 2.0 SP3 : gdb (EulerOS-SA-2019-2584)
According to the version of the gdb packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - GNU Debugger GDB 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can...
RLSA-2019:4273 Important: container-tools:1.0 security update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: HTTP/2: flood using PING frames results in unbounded memory growth CVE-2019-9512 HTTP/2: flood using HEADERS frames results in unbounded memory growth CVE-2019-9514 Fo...
Important: Red Hat Security Advisory: Red Hat Data Grid 7.3.2 security update
An update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
Online Inventory Manager 3.2 - Persistent Cross-Site Scripting
Exploit Title: Online Inventory Manager 3.2 - Persistent Cross-Site Scripting Date: 2019-11-29 Exploit Author: Cemal Cihad ÇİFTÇİ Vendor Homepage: https://bigprof.com Software Link : https://bigprof.com/appgini/applications/online-inventory-manager Software : Online Inventory Manager Version : 3....
UBUNTU-CVE-2019-19308
In text_to_glyphs in sushi-font-widget.c in gnome-font-viewer 3.34.0, there is a NULL pointer dereference while parsing a TTF font file that lacks a name section due to a g_strconcat call that returns NULL...
CVE-2019-19308
In text_to_glyphs in sushi-font-widget.c in gnome-font-viewer 3.34.0, there is a NULL pointer dereference while parsing a TTF font file that lacks a name section due to a g_strconcat call that returns NULL...
PT-2019-15805 · Gnome · Gnome-Font-Viewer
Name of the Vulnerable Software and Affected Versions: gnome-font-viewer version 3.34.0 Description: The issue arises from a NULL pointer dereference in the text to glyphs function in sushi-font-widget.c while parsing a TTF font file that lacks a name section. This occurs due to a g_strconcat cal...
EulerOS 2.0 SP8 : gdb (EulerOS-SA-2019-2279)
According to the version of the gdb packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - GNU Debugger GDB 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can...
Important: Red Hat Security Advisory: SDL security update
An update for SDL is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the C...
CVE-2019-12299
Sandline Centraleyezer On Premises allows Stored XSS using HTML entities in the name field of the Category section...
Design/Logic Flaw
Sandline Centraleyezer On Premises allows Stored XSS using HTML entities in the name field of the Category section...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support, Red Hat Enterprise Linux 7.3 Telco Extended Update Support, and Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impac...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...
EulerOS 2.0 SP5 : libdwarf (EulerOS-SA-2019-2204)
According to the versions of the libdwarf package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - dwarf_leb.c in libdwarf allows attackers to cause a denial of service (SIGSEGV). (CVE-2015-8538) - The dwarf_dealloc function in libdwarf before...
CVE-2019-8137
A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with privileges to manipulate CMS section of the website can trigger remote code execution via custom layout update...