5 matches found
OSV-2023-1161 Heap-buffer-overflow in std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<ch
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64151 Crash type: Heap-buffer-overflow READ Crash state: std::1::basicstring, std::1::allocatorch Exiv2::QuickTimeVideo::NikonTagsDecoder Exiv2::QuickTimeVideo::userDataDecoder...
Ubuntu 16.04 LTS / 18.04 LTS : OpenJDK vulnerabilities (USN-4223-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4223-1 advisory. Jan Jancar, Petr Svenda, and Vladimir Sedlacek discovered that a side- channel vulnerability existed in the ECDSA implementation in OpenJDK. ...
CVE2014-6 2 8 7 analysis report-vulnerability warning-the black bar safety net
0x00 is written on the front In the cloud zone, see the HFS 2.3 x Remote command executioncatch the chicken hack doom of the article, just before analysis of binary vulnerabilities, this command injection vulnerability, or the first analysis, from the Internet under the HFS 2.3.279 this version u...
Persistent cross-site scripting (XSS) via DailyMotionRenderer
A number of renderer classes used by the widget macro were previously identified that contained URL validation flaws leading to persistent cross-site scripting XSS vulnerabilities. The modified classes now make use of the isUrlMatch method from the WidgetConnectorUtil class in the implementation ...
Scientific Linux Security Update : ruby on SL4.x, SL5.x i386/x86_64
Multiple integer overflows leading to a heap overflow were discovered in the array- and string-handling code used by Ruby. An attacker could use these flaws to crash a Ruby application or, possibly, execute arbitrary code with the privileges of the Ruby application using untrusted inputs in array...