[SECURITY] [DLA 3267-1] libxstream-java security update

Debian LTS Advisory DLA-3267-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany January 11, 2023 https://wiki.debian.org/LTS Package : libxstream-java Version : 1.4.11.1-1+deb10u4 CVE ID : CVE-2022-41966 Debian Bug : 1027754 XStream serializes Java objects to XML a...

XStream can cause Denial of Service via stack overflow

Impact The vulnerability may allow a remote attacker to terminate the application with a stack overflow error resulting in a denial of service only by manipulating the processed input stream. Patches XStream 1.4.20 handles the stack overflow and raises an InputManipulationException instead...

GO-2022-1167 Denial of service in string value parsing in helm.sh/helm/v3

Applications that use the strvals package in the Helm SDK to parse user supplied input can suffer a Denial of Service when that input causes an error that cannot be recovered from. The strvals package contains a parser that turns strings into Go structures. For example, the Helm client has comman...

UBUNTU-CVE-2022-41881

Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no workaround, except...

Akka HTTP versions <= 10.0.5 Illegal Media Range in Accept Header Causes StackOverflowError Leading to Denial of Service

...

NewStart CGSL CORE 5.04 / MAIN 5.04 : ghostscript Multiple Vulnerabilities (NS-SA-2019-0035)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has ghostscript packages installed that are affected by multiple vulnerabilities: - The settextdistance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent...

EulerOS Virtualization 2.5.4 : ghostscript (EulerOS-SA-2019-1215)

According to the versions of the ghostscript package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The settextdistance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does...

Adobe Digital Editions Multiple Information Disclosure Vulnerabilities (APSB18-13) - Mac OS X

Adobe Digital Edition is prone to multiple information disclosure vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Adobe Digital Editions Multiple Vulnerabilities (Jun 2017) - Mac OS X

Adobe Digital Edition is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:digitaleditions...

Microsoft Office Remote Code Execution Vulnerabilities (2423930)

This host is missing a critical security update according to Microsoft Bulletin MS10-087. OpenVAS Vulnerability Test $Id: secpodms10-087.nasl 7585 2017-10-26 15:03:01Z cfischer $ Microsoft Office Remote Code Execution Vulnerabilities 2423930 Authors: Sooraj KS Copyright: Copyright c 2010 SecPod,...

Microsoft Office Word Remote Code Execution Vulnerabilities (2293194)

This host is missing a critical security update according to Microsoft Bulletin MS10-079. OpenVAS Vulnerability Test $Id: secpodms10-079.nasl 6533 2017-07-05 08:41:34Z santu $ Microsoft Office Word Remote Code Execution Vulnerabilities 2293194 Authors: Antu Sanadi Copyright: Copyright c 2010...

Microsoft Office Word Remote Code Execution Vulnerabilities (2293194)

This host is missing a critical security update according to Microsoft Bulletin MS10-079. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft IIS ASP Stack Based Buffer Overflow Vulnerability

The host is running Microsoft IIS Webserver and is prone to stack based buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: gbmsiisbofvuln.nasl 5323 2017-02-17 08:49:23Z teissa $ Microsoft IIS ASP Stack Based Buffer Overflow Vulnerability Authors: Antu Sanadi Copyright: Copyright c 201...

Microsoft Office .WPS File Stack Overflow Exploit (MS08-011)

No description provided by source. / Copyright c 2008 chujwamwdupe - pumpernikiel.c one day in teletubby land... an email from idefense: "Unfortunately, Microsoft has refused to credit you using the name you requested." ...what's wrong with 'chujwamwdupe', eh? Description:...

devcode2.txt

/ version 0.5 Copyright c 2007 devcode ^^ D E V C O D E ^^ Windows .ANI LoadAniIcon Stack Overflow For Hardware DEP XP SP2 CVE-2007-1765 Description: A vulnerability has been identified in Microsoft Windows, which could be exploited by remote attackers to take complete control of an affected...

Microsoft Internet Explorer 5/6 / Mozilla 0.8/0.9.x / Opera 5/6 - JavaScript Interpreter Denial of Service

source: https://www.securityfocus.com/bid/4322/info It is possible to create a loop in JavaScript which is capable of crashing various web browsers. This is due to a flaw in the JavaScript interpreter. Browsers that have been tested include Microsoft Internet Explorer, Mozilla and Opera. It has...