158 matches found
CVE-2019-5151
An exploitable SQL injection vulnerability exists in YouPHPTube 7.7. A specially crafted unauthenticated HTTP request can cause a SQL injection, possibly leading to denial of service, exfiltration of the database and local file inclusion, which could potentially further lead to code execution. An...
CVE-2024-48856
Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition or execute code in the context of the process using the image codec...
Advisory ROSA-SA-2025-2552
Software: perl 5.16.3 OS: rosa-server79 packageevrstring: perl-5.16.3-299.0.2.res7 CVE-ID: CVE-2015-8853 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in Perl allows an attacker to cause a denial of service via crafted utf-8 data. CVE-STATUS: The vulnerability has been resolved. CVE-RE...
PT-2025-16185
Name of the Vulnerable Software and Affected Versions: Perl versions 5.33.1 through 5.41.10; Perl versions 5.34, 5.36, 5.38, and 5.40. Description: A heap buffer overflow vulnerability was discovered in Perl. When there are non-ASCII bytes in the left-hand-side of the tr operator, S_do_trans_invmap c...
[SECURITY] [DLA 3893-1] expat security update
Debian LTS Advisory DLA-3893-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin September 19, 2024 https://wiki.debian.org/LTS Package : expat Version : 2.2.10-2+deb11u6 CVE ID : CVE-2023-52425 CVE-2024-45490 CVE-2024-45491 CVE-2024-45492 Debian Bug : 1063238 108014...
[SECURITY] [DSA 5712-1] ffmpeg security update
Debian Security Advisory DSA-5712-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 15, 2024 https://www.debian.org/security/faq -...
CVE-2024-29163
HDF5 through 1.14.3 contains a heap buffer overflow in H5Tbitfind, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution...
CVE-2024-29162
HDF5 through 1.13.3 and/or 1.14.2 contains a stack buffer overflow in H5HGread, resulting in denial of service or potential code execution...
CVE-2024-29161
HDF5 through 1.14.3 contains a heap buffer overflow in H5Aattrreleasetable, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution...
CVE-2024-29160
HDF5 through 1.14.3 contains a heap buffer overflow in H5HGcacheheapdeserialize, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution...
CVE-2024-29158
HDF5 through 1.14.3 contains a stack buffer overflow in H5FLarrmalloc, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution...
FreeImage FreeImageIO.cpp::_MemoryReadProc function integer overflow vulnerability
FreeImage is a cross-platform open source library for supporting popular graphic image formats. An integer overflow vulnerability exists in FreeImage version 3.18.0, which stems from the failure of the component FreeImageIO.cpp::_MemoryReadProc to properly handle operations related to integers. An...
CVE-2023-41727
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result in a Denial of Service (DoS) or code execution...
SUSE-SU-2023:4561-1 Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.42.2 bsc1217210: - CVE-2023-41983: Processing web content may lead to a denial-of-service. - CVE-2023-42852: Processing web content may lead to arbitrary code execution. Already previously fixed: - CVE-2022-32919: Visitin...
CVE-2023-24799
D-Link DIR878 DIR878FW120B05 was discovered to contain a stack overflow in the sub48AF78 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload...
Important: rsyslog
Issue Overview: A flaw was found in the way rsyslog handled invalid log message priority values. In certain configurations, a local attacker, or a remote attacker able to connect to the rsyslog port, could use this flaw to crash the rsyslog daemon or, potentially in rsyslog 7.x, execute arbitrary...
MGASA-2023-0083 Updated dcmtk packages fix security vulnerability
Jinsheng Ba discovered that DCMTK incorrectly handled certain requests. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. CVE-2021-41687, CVE-2021-41688, CVE-2021-41689,...
K51317292: glibc vulnerability CVE-2020-1751
Security Advisory Description An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential...
PT-2023-14072 · Nvidia · Nvidia Bmc
Name of the Vulnerable Software and Affected Versions: NVIDIA BMC (affected versions not specified). Description: The issue is related to a buffer overflow in the IPMI handler of NVIDIA BMC. An authorized attacker can exploit this to cause a denial of service or potentially gain code execution...
Unauthenticated Stack-Based Buffer Overflow Vulnerability In SonicOS
A stack-based buffer overflow vulnerability in SonicOS via HTTP request allows a remote unauthenticated attacker to cause a Denial of Service (DoS) or potentially results in code execution in the firewall. SonicWall PSIRT is not aware of active exploitation in the wild. No reports of a PoC have be...