EximiousSoft Logo Designer User Mode Write Access Conflict Vulnerability (CNVD-2019-40495)
EximiousSoft Logo Designer is a professional and powerful logo design software. EximiousSoft Logo Designer 3.82 suffers from a user-mode write access conflict vulnerability starting at ExiVectorRender!StrokeTextBlend+0x00000000000003a7. An attacker could exploit this vulnerability to cause a deni...
CVE-2019-18819
Eximious Logo Designer 3.82 has a User Mode Write AV starting at ExiVectorRender!StrokeTextBlend+0x00000000000003a7...
Study: Ransomware, Data Breaches at Hospitals tied to Uptick in Fatal Heart Attacks
Hospitals that have been hit by a data breach or ransomware attack can expect to see an increase in the death rate among heart patients in the following months or years because of cybersecurity remediation efforts, a new study posits. Health industry experts say the findings should prompt a large...
Social engineering. When you’re the mark…
Who am I? I am Scott, and you may have met me; if you did, your recollection of me will most likely be unique. I am a social chameleon. I can be your best mate, the lost friend you never knew you lost and even an expert in things you are interested in. I live off your stories and I weave my way in...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : strongSwan vulnerabilities (USN-3771-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3771-1 advisory. It was discovered that strongSwan incorrectly handled IKEv2 key derivation. A remote attacker could possibly use this issue to...
USN-3771-1 strongswan vulnerabilities
It was discovered that strongSwan incorrectly handled IKEv2 key derivation. A remote attacker could possibly use this issue to cause strongSwan to crash, resulting in a denial of service. CVE-2018-10811 Sze Yiu Chau discovered that strongSwan incorrectly handled parsing OIDs in the gmp plugin. A...
USN-3771-1: strongSwan vulnerabilities
It was discovered that strongSwan incorrectly handled IKEv2 key derivation. A remote attacker could possibly use this issue to cause strongSwan to crash, resulting in a denial of service. CVE-2018-10811 Sze Yiu Chau discovered that strongSwan incorrectly handled parsing OIDs in the gmp plugin. A...
DEBIAN-CVE-2018-16510
An issue was discovered in Artifex Ghostscript before 9.24. Incorrect exec stack handling in the "CS" and "SC" PDF primitives could be used by remote attackers able to supply crafted PDFs to crash the interpreter or possibly have unspecified other impact...
strongswan -- Fix Denial-of-Service Vulnerability strongSwan (CVE-2018-10811, CVE-2018-5388)
strongSwan security team reports: A denial-of-service vulnerability in the IKEv2 key derivation was fixed if the openssl plugin is used in FIPS mode and HMAC-MD5 is negotiated as PRF which is not FIPS-compliant. So this should only affect very specific setups, but in such configurations all...
ImageMagick Denial of Service Vulnerability (CNVD-2017-27286)
ImageMagick is a set of open-source image processing software from the U.S. company ImageMagick Studio. The software can read, convert and write pictures in a variety of formats. A denial of service vulnerability exists in the DrawGetStrokeDashArray function of the wand/drawing-wand.c file in...
DEBIAN-CVE-2017-14505
DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0.7-1 mishandles certain NULL arrays, which allows attackers to perform Denial of Service (NULL pointer dereference and application crash in AcquireQuantumMemory within MagickCore/memory.c) by providing a crafted Image File as input...
Debian DSA-3746-1 : graphicsmagick - security update (ImageTragick)
Several vulnerabilities have been discovered in GraphicsMagick, a collection of image processing tools, which can cause denial of service attacks, remote file deletion, and remote command execution. This security update removes the full support of PLT/Gnuplot decoder to prevent Gnuplot-shell based...
ALPINE-CVE-2016-4563
The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles the relationship between the BezierQuantum value and certain strokes data, which allows remote attackers to cause a denial of service buffer overflow and application crash or...
DEBIAN-CVE-2016-4563
The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles the relationship between the BezierQuantum value and certain strokes data, which allows remote attackers to cause a denial of service buffer overflow and application crash or...
UBUNTU-CVE-2016-4563
The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles the relationship between the BezierQuantum value and certain strokes data, which allows remote attackers to cause a denial of service buffer overflow and application crash or...
FileCOPA FTP Server <= 1.01 (LIST) Remote Buffer Overflow Exploit (2)
No description provided by source. FileCOPA FTP Server <= 1.01 LIST Remote Buffer Overflow Exploit 2, by Umesh Wanve...
Linux Kernel /dev/ptmx Key Stroke Timing Local Disclosure
No description provided by source. #!/bin/bash ptmx-su-pwdlen.sh -- This PoC determines the password length of a local user who runs su -. Done thanks to the ptmx keystroke timing attack CVE-2013-0160. See http://vladz.devzero.fr/013ptmx-timing.php for more information. Tested on Debian 6.0.5 kerne...
OpenJDK: mutable static AWTKeyStroke.ctor (AWT, 7019773)
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.233 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and...
Mozilla Foundation Security Advisory 2010-12
Title: XSS using addEventListener and setTimeout on a wrapped object. Impact: High. Announced: March 23, 2010. Reporter: moz_bug_r_a4. Products: Firefox, Thunderbird, SeaMonkey...