1071 matches found
CVE-2021-41497
Null pointer reference in CMSConservativeincrementobj in RaRe-Technologies bounter version 1.01 and 1.10, allows attackers to conduct Denial of Service attacks by inputting a huge width of hash bucket...
RaRe-Technologies bounter code issue vulnerability
Bounter is an open-source Python library written in C by RaRe Technologies, used for extremely fast probabilistic counting of item frequencies in massive datasets. RaRe-Technologies bounter versions 1.01 and 1.10 have a security vulnerability that stems from the presence of a null pointer reference i...
Mozilla: Heap buffer overflow when using structured clone
The Mozilla Foundation Security Advisory describes this flaw as: An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash...
freerdp security update
2:2.2.0-7 - Updated: Refactored RPC gateway parser rhbz2017948 + fixed issues discovered by Covscan 2:2.2.0-6 - Refactored RPC gateway parser rhbz2017948 2:2.2.0-5 - Revert: Refactored RPC gateway parser rhbz2017948 2:2.2.0-4 - Refactored RPC gateway parser rhbz2017948 2:2.2.0-3 - Add checks for...
freerdp security update
2:2.2.0-5 - Update: Refactored RPC gateway parser rhbz2017944 + fix issues discovered by Covscan 2:2.2.0-4 - Refactored RPC gateway parser rhbz2017944 2.1.1-3 - Add checks for bitmap and glyph width/heigth values rhbz2017951...
python-pillow: Out-of-bounds read in J2K image reader
There is an out-of-bounds read in J2kDecode in j2kugrayala. For J2k images with multiple bands, it’s legal to have different widths for each band, e.g. 1 byte for L, 4 bytes for A...
DEBIAN-CVE-2021-41160
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a malicious server might trigger out of bound writes in a connected client. Connections using GDI or SurfaceCommands to send graphics updates to the client might send 0...
UBUNTU-CVE-2021-41160
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a malicious server might trigger out of bound writes in a connected client. Connections using GDI or SurfaceCommands to send graphics updates to the client might send 0...
PT-2021-7349 · Freerdp +9
Name of the Vulnerable Software and Affected Versions: FreeRDP versions prior to 2.4.1 Description: The issue is related to out of bound writes in a connected client. A malicious server might trigger this by sending 0 width/height or out of bound rectangles to the client using GDI or...
[SECURITY] Fedora 34 Update: rust-unicode-truncate-0.2.0-2.fc34
Unicode-aware algorithm to pad or truncate str in terms of displayed width...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.504.2.el7 - md/raid1: properly indicate failure when ending a failed write request Paul Clements Orabug: 32887159 - video: hypervfb: Add ratelimit on error message Michael Kelley Orabug: 32856879 - Drivers: hv: vmbus: Initialize unloadevent statically Andrea Parri Microsoft Orabug:...
CVE-2020-11161
Out-of-bounds memory access can occur while calculating alignment requirements for a negative width from external components in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...
openSUSE Security Update : opera (openSUSE-2021-829)
This update for opera fixes the following issues : Update to version 76.0.4017.154 - CHR-8420 Update chromium on desktop-stable-90-4017 to 90.0.4430.212 - DNA-92411 Bookmarks breadcrumbs wrong color when pressed in dark mode - DNA-92587 Sync settings: Use old password button doesnt work - DNA-926...
CVE-2021-24334
The Instant Images – One Click Unsplash Uploads WordPress plugin before 4.4.0.1 did not properly validate and sanitise its unsplashdownloadw and unsplashdownloadh parameter settings (/wp-admin/upload.php?page=instant-images), only validating them client side before saving them, leading to a Stored...
WordPress plugin cross-site scripting vulnerability
WordPress is the WordPress Foundation's blogging platform, developed in PHP. The platform supports setting up a personal blog site on servers running PHP and MySQL. WordPress Plugin is an open-source application plugin for WordPress. Instant Images - One Click Unsplash Uploads A security...
Unified Dashboard Preview for Enhanced Security Visualization
Qualys has introduced the Unified Dashboard Framework (UDF) to enrich your dashboarding experience. Unified Dashboard (UD) brings information from all Qualys applications into a single place for visualization. UD adds a powerful new dashboarding framework to the Qualys Cloud Platform that will be...
CVE-2021-27969
Dolphin CMS 7.4.2 is vulnerable to stored XSS via the Page Builder "width" parameter...
OpenSourceCMS.com Dolphin CMS cross-site scripting vulnerability
OpenSourceCMS.com Dolphin CMS is an open-source application system from OpenSourceCMS.com. It provides a CMS framework for building websites. A security vulnerability exists in Dolphin CMS 7.4.2, which originates from the Page Builder "width" parameter...