5910 matches found
CVE-2020-35492
A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor for example, by convincing a user to open a file in an application using cairo, or if an application uses cairo on untruste...
CVE-2020-35492
CVE-2020-35492 affects cairo’s image-compositor.c in all versions before 1.17.4. A crafted input file can cause a stack buffer overflow (out-of-bounds write), with impact on confidentiality, integrity, and availability. Root cause: unchecked memory/write in image-compositor when processing untrus...
CVE-2020-35492
A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor for example, by convincing a user to open a file in an application using cairo, or if an application uses cairo on untruste...
CVE-2020-35492
A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor for example, by convincing a user to open a file in an application using cairo, or if an application uses cairo on untruste...
Stack-based Buffer Overflow
A flaw was found in cairo's image-compositor.c in all This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor for example, by convincing a user to open a file in an application using cairo, or if an application uses cairo on untrusted input to cause a stack...
Trojan-Proxy.Win32.Wimain Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/8936c97e99799809812fa740076a2d7f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Proxy.Win32.Wimain Vulnerability: Remote Stack Buffer Overflow Description: Win32.Wimain troj...
NewStart CGSL CORE 5.04 / MAIN 5.04 : tigervnc Multiple Vulnerabilities (NS-SA-2021-0035)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has tigervnc packages installed that are affected by multiple vulnerabilities: - TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-return, which occurs due to incorrect usage of stack memory in ZRLEDecoder. If...
Stack Buffer Overflow Vulnerability in XnView
XnView as an image viewer with image browsing, screen capture, slideshow, batch conversion and more. XnView suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to cause a denial of service...
Oracle Linux 8 : grub2 (ELSA-2021-0696)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-0696 advisory. - Add CVE-2020-15706, CVE-2020-15707 to the list Orabug: 31225072 Tenable has extracted the preceding description block directly from the Oracle Linux...
CVE-2020-27749
A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that...
CVE-2020-27749
A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that...
DEBIAN-CVE-2020-27749
A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that...
Design/Logic Flaw
A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that...
CVE-2020-27749
CVE-2020-27749 affects grub2, with the vulnerability in grub_parser_split_cmdline() where variable names in the command line are expanded into contents using a 1 KB stack buffer without sufficient bounds checking. This can overflow the stack and corrupt the stack frame, potentially allowing code ...
CVE-2020-27749
A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that...
CVE-2020-27749
A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that...
CVE-2021-22666
Fatek FvDesigner Version 1.5.76 and prior is vulnerable to a stack-based buffer overflow while project files are being processed, allowing an attacker to craft a special project file that may permit arbitrary code execution...
RHEL 7 : grub2 (RHSA-2021:0699)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0699 advisory. The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular...
Oracle Linux 7 : grub2 (ELSA-2021-9076)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9076 advisory. - Fix CVE-2020-14372 CVE-2020-25632 CVE-2020-25647 CVE-2020-27749 CVE-2020-27779 CVE-2021-20225 CVE-2021-20233 Orabug: 32530657 Tenable has extracted t...
Debian: Security Advisory (DSA-4867-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...