SUSE CVE-2016-1016

Use-after-free vulnerability in the Transform object implementation in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via a flash.geom.Matrix callback, a different...

SUSE CVE-2018-8101

The JPXStream::inverseTransformLevel function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service heap-based buffer over-read and application crash via a specific pdf file, as demonstrated by pdftohtml...

SUSE CVE-2018-10126

ijg-libjpeg before 9d, as used in tiff2pdf from LibTIFF and other products, does not check for a NULL pointer at a certain place in jpegfdct16x16 in jfdctint.c...

SUSE CVE-2018-14619

A flaw was found in the crypto subsystem of the Linux kernel before version kernel-4.15-rc4. The "null skcipher" was being dropped when each afalgctx was freed instead of when the aeadtfm was freed. This can cause the null skcipher to be freed while it is still in use leading to a local user bein...

SUSE CVE-2019-13282

In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in SampledFunction::transform in Function.cc when using a large index for samples. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It allows an attacker to use a crafted pdf file to cause...

SUSE CVE-2020-17541

Libjpeg-turbo all version have a stack-based buffer overflow in the "transform" component. A remote attacker can send a malformed jpeg file to the service and cause arbitrary code execution or denial of service of the target service...

SUSE CVE-2021-20311

A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero in sRGBTransformImage in the MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker processed by an application using ImageMagick. The highest threat from...

SUSE CVE-2021-20313

A flaw was found in ImageMagick in versions before 7.0.11. A potential cipher leak when the calculate signatures in TransformSignature is possible. The highest threat from this vulnerability is to data confidentiality...

SUSE CVE-2021-40690

All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract any...

SUSE CVE-2022-36319

When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed. This vulnerability affects Firefox ESR 102.1, Firefox ESR 91.12, Firefox 103, Thunderbird 102.1, and Thunderbird 91.12...

SUSE CVE-2022-38228

XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::transformDataUnit at /xpdf/Stream.cc...

bash: a heap-buffer-overflow in valid_parameter_transform

A flaw was found in the bash package, where a heap-buffer overflow can occur in validparametertransform. This issue may lead to memory problems...

CVE-2023-21856

Vulnerability in the Oracle iSetup product of Oracle E-Business Suite component: General Ledger Update Transform, Reports. Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

CVE-2023-21856

CVE-2023-21856 affects Oracle E-Business Suite's iSetup, specifically the General Ledger Update Transform and Reports component. Affected: Oracle E-Business Suite versions 12.2.3 through 12.2.12. The issue is exploitable remotely over HTTP by an unauthenticated attacker, potentially enabling unau...

PT-2023-1196 · Oracle · Oracle E-Business Suite +1

Name of the Vulnerable Software and Affected Versions: Oracle E-Business Suite versions 12.2.3 through 12.2.12 Description: The issue is related to insufficient input validation in the General Ledger Update Transform and Reports subcomponents of the Oracle iSetup product. This allows an...

UBUNTU-CVE-2022-3715

A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parametertransform. This issue may lead to memory problems...

CVE-2022-36319

When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed. This vulnerability affects Firefox ESR 102.1, Firefox ESR 91.12, Firefox 103, Thunderbird 102.1, and Thunderbird 91.12...

DEBIAN-CVE-2022-36319

When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed. This vulnerability affects Firefox ESR 102.1, Firefox ESR 91.12, Firefox 103, Thunderbird 102.1, and Thunderbird 91.12...

Design/Logic Flaw

When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed. This vulnerability affects Firefox ESR 102.1, Firefox ESR 91.12, Firefox 103, Thunderbird 102.1, and Thunderbird 91.12...

CVE-2022-22755

By using XSL Transforms, a malicious webserver could have served a user an XSL document that would continue to execute JavaScript within the bounds of the same-origin policy even after the tab was closed. This vulnerability affects Firefox 97...