212 matches found
Denial Of Service (DoS)
protobuf-java is vulnerable to denial of service. The vulnerability exists in the parsing procedure for binary and text format data because the input streams contain multiple instances of non-repeated embedded messages with repeated or unknown fields, resulting in potentially long garbage...
Denial of Service (DoS)
Overview google-protobuf is a Google's data interchange format. Affected versions of this package are vulnerable to Denial of Service DoS via the parsing procedure for binary and text format data. Input streams containing multiple instances of non-repeated embedded messages with repeated or unkno...
protobuf-java has a potential Denial of Service issue
Summary A potential Denial of Service issue in protobuf-java core and lite was discovered in the parsing procedure for binary and text format data. Input streams containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted...
Microsoft Office zero-day “Follina”—it’s not a bug, it’s a feature! (It’s a bug)
Update: Please see our FAQ for the latest guidance and mitigation tips on Follina. On Monday May 30, 2022, Microsoft issued CVE-2022-30190 regarding the Microsoft Support Diagnostic Tool MSDT in Windows vulnerability. The mitigation offered by Microsoft consists of an alternative method to...
Zero-day vulnerability discovered in Microsoft Word
A researcher has found a zero-day vulnerability in Microsoft Word. This new exploit in Office macros, external template files containing malicious code while macros are disabled. When a user converts the document to RTF format, the code is also executed in "Protected view" or "Preview mode. For...
Navbar - Moderately critical - Cross Site Scripting - SA-CONTRIB-2022-011
This module provides a very simple, mobile-friendly navigation toolbar. The module doesn't sufficiently check for user-provided input. This vulnerability is mitigated by the fact that an attacker must have the ability to post content using a text format like the default "Filtered HTML" format tha...
Ubuntu: Security Advisory (USN-5202-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-8968
Parallels Remote Application Server RAS allows a local attacker to retrieve certain profile password in clear text format by uploading a previously stored cyphered file by Parallels RAS. The confidentiality, availability and integrity of the information of the user could be compromised if an...
Default credentials
Parallels Remote Application Server RAS allows a local attacker to retrieve certain profile password in clear text format by uploading a previously stored cyphered file by Parallels RAS. The confidentiality, availability and integrity of the information of the user could be compromised if an...
[SECURITY] Fedora 34 Update: python-markdown2-2.4.2-1.fc34
Markdown is a text-to-HTML filter; it translates an easy-to-read / easy-to-write structured text format into HTML. Markdown's text format is most similar to that of plain text email, and supports features such as headers, emphasis, code blocks, blockquotes, and links. This is a fast and complete...
UDP-Hunter - Network Assessment Tool For Various UDP Services Covering Both IPv4 And IPv6 Protocols
UDP Scanning has always been a slow and painful exercise, and if you add IPv6 on top of UDP, the tool choices get pretty limited. UDP Hunter is a python based open source network assessment tool focused on UDP Service Scanning. With UDP Hunter, we have focused on providing auditing of widely know...
OpenJDK: Excessive memory allocation in RTFParser (Swing, 8265167)
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Swing. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...
Microsoft Office Memory Corruption Vulnerability
Microsoft Office contains a memory corruption vulnerability due to failure to properly handle rich text format files in memory. Successful exploitation allows for remote code execution in the context of the current user...
Fedora: Security Advisory for rust-wat (FEDORA-2021-68713440cb)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Anonymous leaks more EPIK host data; ‘larger than previous leak’
By Waqas According to Anonymous, the EPIK data leak involves bootable disk images, API tokens, over 500,000 private keys, etc. all in plain-text format. This is a post from HackRead.com Read the original post: Anonymous leaks more EPIK host data; larger than previous leak...
CAJViewer 7.3 suffers from a binary vulnerability (CNVD-2021-45248)
CAJViewer 7.3 is a specialized full-text format viewer for China Journal Network CJN, which supports CJN's TEB, CAJ, NH, KDH and PDF format files. A binary vulnerability exists in CAJViewer 7.3, which can be exploited by attackers to cause a denial of service...
CAJViewer 7.3 suffers from a binary vulnerability (CNVD-2021-45254)
CAJViewer 7.3 is a specialized full-text format viewer for China Journal Network CJN, which supports CJN's TEB, CAJ, NH, KDH and PDF format files. A binary vulnerability exists in CAJViewer 7.3, which can be exploited by attackers to cause a denial of service...
CAJViewer has a binary vulnerability (CNVD-2021-41045)
CAJviewer is a specialized full-text format reader for China Journal Network CJN, which supports TEB, NH, CAJ, KDH and PDF files of CJN. A binary vulnerability exists in CAJViewer, which can be exploited by attackers to execute malicious code on a user's system...
CAJViewer suffers from a memory corruption vulnerability (CNVD-2021-37437)
CAJviewer is a specialized full-text format reader for China Journal Network CJN, which supports TEB, NH, CAJ, KDH and PDF files of CJN. CAJViewer suffers from a memory corruption vulnerability. An attacker can exploit this vulnerability to cause the program to crash...
[SECURITY] Fedora 34 Update: python-markdown2-2.4.0-1.fc34
Markdown is a text-to-HTML filter; it translates an easy-to-read / easy-to-write structured text format into HTML. Markdown's text format is most similar to that of plain text email, and supports features such as headers, emphasis, code blocks, blockquotes, and links. This is a fast and complete...