BIT-POSTGRESQL-2024-10979 PostgreSQL PL/Perl environment variable changes execute arbitrary code

Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables e.g. PATH. That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system user. Versions...

CVE-2024-10979

Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables e.g. PATH. That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system user. Versions...

Huawei EulerOS: Security Advisory for syslinux (EulerOS-SA-2024-2915)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 5 : libpng (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libpng: underflow read in pngcheckkeyword CVE-2015-8540 - The pngpushreadzTXt function in pngpread.c in...

CVE-2016-8728

An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. A specially crafted PDF file can cause a out of bounds write resulting in heap metadata and sensitive process memory corruption leading to potential code execution. Victim needs ...

CVE-2016-8728

An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. A specially crafted PDF file can cause a out of bounds write resulting in heap metadata and sensitive process memory corruption leading to potential code execution. Victim needs ...

Out-Of-Bounds Write Vulnerability

MuPDF is vulnerable to an out-of-bounds write vulnerability. A flaw in the glyph scaling code leads to an overwrite of heap metadata and sensitive process memory when an attacker opens a malicious file in a vulnerable reader. This vulnerability also potentially results in code execution...

FontParser Buffer Overflow Vulnerability in Multiple Apple Products

Apple iOS and tvOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices; tvOS is a smart TV operating system; Safari is a web browser that is the default browser that comes with the Mac OS X and iOS operating systems; watchOS is a smart watch FontParser is one ...

F5 Networks BIG-IP : libpng out-of-bounds read vulnerability (SOL21057235)

The pngconverttorfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via crafted tIME chunk data in an image file, which triggers an out-of-bounds read. C Tenable Network...

CVE-2015-7499

Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors...

Out-of-bounds

The pngconverttorfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via crafted tIME chunk data in an image file, which triggers an out-of-bounds read...

CVE-2015-7981

The pngconverttorfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via crafted tIME chunk data in an image file, which triggers an out-of-bounds read...

Jef Moine abcm2ps 3.7.20 ABC File Remote Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12022/info abcm2ps is reported prone to a remote buffer overflow vulnerability. This issue arises because the application fails to carry out proper boundary checks before copying user-supplied data into sensitive process...

PSOProxy 0.91 Remote Buffer Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/9706/info It has been reported that PSOProxy is prone to a remote buffer overflow vulnerability. The issue is due to the insufficient boundary checking. A malicious user may exploit this condition to potentially corrupt...

CVE-2011-4607

PuTTY 0.59 through 0.61 does not clear sensitive process memory when managing user replies that occur during keyboard-interactive authentication, which might allow local users to read login passwords by obtaining access to the process' memory...

CVE-2013-4208

The rsaverify function in PuTTY before 0.63 1 does not clear sensitive process memory after use and 2 does not free certain structures containing sensitive process memory, which might allow local users to discover private RSA and DSA keys...

Use after free

The rsaverify function in PuTTY before 0.63 1 does not clear sensitive process memory after use and 2 does not free certain structures containing sensitive process memory, which might allow local users to discover private RSA and DSA keys...

CVE-2013-4208

The rsaverify function in PuTTY before 0.63 1 does not clear sensitive process memory after use and 2 does not free certain structures containing sensitive process memory, which might allow local users to discover private RSA and DSA keys...

ICQ 6 - 'Personal Status Manager' Remote Buffer Overflow (PoC)

source: https://www.securityfocus.com/bid/28803/info ICQ is prone to a remote buffer-overflow vulnerability because the application fails to perform boundary checks before copying user-supplied data into sensitive process buffers. A remote attacker may execute arbitrary code in the context of the...

Microsoft Internet Explorer 6 - RDS.DataControl Denial of Service

Microsoft Internet Explorer 6 - RDS.DataControl Denial of Service source: https://www.securityfocus.com/bid/18900/info Microsoft Internet Explorer 6 is reportedly prone to a denial-of-service vulnerability because the application fails to perform boundary checks before copying user-supplied data...