16 matches found
CVE-2026-40918
A flaw was found in GIMP. Processing a specially crafted PVR image file with large dimensions can lead to a denial of service DoS. This occurs due to a stack-based buffer overflow and an out-of-bounds read in the PVR image loader, causing the application to crash. Systems that process untrusted P...
UBUNTU-CVE-2026-40918
A flaw was found in GIMP. Processing a specially crafted PVR image file with large dimensions can lead to a denial of service DoS. This occurs due to a stack-based buffer overflow and an out-of-bounds read in the PVR image loader, causing the application to crash. Systems that process untrusted P...
CVE-2025-34297
KissFFT contains an integer overflow in kiss_fft_alloc() (kiss_fft.c) on 32-bit platforms due to an unvalidated nfft in the size calculation (sizeof(kiss_fft_cpx) * (nfft - 1)). This can cause an undersized malloc and a subsequent loop to write nfft elements, resulting in a heap buffer overflow. ...
JBoss: twiddle.sh accepts credentials as command line arguments, exposing them to other local users via a process listing
twiddle.sh in JBoss AS 5.0 and EAP 5.0 and earlier accepts credentials as command-line arguments, which allows local users to read the credentials by listing the process and its arguments...
JBoss: twiddle.sh accepts credentials as command line arguments, exposing them to other local users via a process listing
twiddle.sh in JBoss AS 5.0 and EAP 5.0 and earlier accepts credentials as command-line arguments, which allows local users to read the credentials by listing the process and its arguments...
RHEL 5 : JBoss EAP (RHSA-2009:1650)
Updated JBoss Enterprise Application Platform JBEAP 4.2 packages that fix multiple security issues, several bugs, and add enhancements are now available for Red Hat Enterprise Linux 5 as JBEAP 4.2.0.CP08. This update has been rated as having moderate security impact by the Red Hat Security Respon...
PT-2012-1275 · Red Hat · Jboss Eap +1
Name of the Vulnerable Software and Affected Versions: JBoss AS versions 5.0 and earlier JBoss EAP versions 5.0 and earlier Description: The issue allows local users to read credentials by listing the process and its arguments, as twiddle.sh in JBoss AS and EAP accepts credentials as command-line...
CVE-2009-3554
Twiddle in Red Hat JBoss Enterprise Application Platform aka JBoss EAP or JBEAP 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07 writes the JMX password, and other command-line arguments, to the twiddle.log file, which allows local users to obtain sensitive information by reading this file...
Design/Logic Flaw
Twiddle in Red Hat JBoss Enterprise Application Platform aka JBoss EAP or JBEAP 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07 writes the JMX password, and other command-line arguments, to the twiddle.log file, which allows local users to obtain sensitive information by reading this file...
CVE-2009-3554
Twiddle in Red Hat JBoss Enterprise Application Platform aka JBoss EAP or JBEAP 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07 writes the JMX password, and other command-line arguments, to the twiddle.log file, which allows local users to obtain sensitive information by reading this file...
CVE-2009-3554
CVE-2009-3554 affects Red Hat JBoss Enterprise Application Platform (JBEAP) 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07. The flaw arises in the twiddle tool where the JMX password and other command-line arguments are written to twiddle.log, enabling local users to read sensitive information. ...
CVE-2009-3554
Twiddle in Red Hat JBoss Enterprise Application Platform aka JBoss EAP or JBEAP 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07 writes the JMX password, and other command-line arguments, to the twiddle.log file, which allows local users to obtain sensitive information by reading this file...
JBoss EAP Twiddle logs the JMX password
Twiddle in Red Hat JBoss Enterprise Application Platform aka JBoss EAP or JBEAP 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07 writes the JMX password, and other command-line arguments, to the twiddle.log file, which allows local users to obtain sensitive information by reading this file...
JBoss EAP Twiddle logs the JMX password
Twiddle in Red Hat JBoss Enterprise Application Platform aka JBoss EAP or JBEAP 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07 writes the JMX password, and other command-line arguments, to the twiddle.log file, which allows local users to obtain sensitive information by reading this file...
JBoss EAP Twiddle logs the JMX password
Twiddle in Red Hat JBoss Enterprise Application Platform aka JBoss EAP or JBEAP 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07 writes the JMX password, and other command-line arguments, to the twiddle.log file, which allows local users to obtain sensitive information by reading this file...
JBoss EAP Twiddle logs the JMX password
Twiddle in Red Hat JBoss Enterprise Application Platform aka JBoss EAP or JBEAP 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07 writes the JMX password, and other command-line arguments, to the twiddle.log file, which allows local users to obtain sensitive information by reading this file...