1071 matches found
CVE-2019-10877
In Teeworlds 0.7.2, there is an integer overflow in CMap::Load in engine/shared/map.cpp that can lead to a buffer overflow, because multiplication of width and height is mishandled...
Simplifying Security Configuration: A UX Revamp Retrospective
With the March 2019 Release update, the Security Configuration User Interface (UI) evolution is now complete, and we hope it integrates more seamlessly into your online business. Over time, Akamai has added new products, features, and functionality to its security solutions to protect your web...
Hackers Using Zero-Width Spaces to Bypass MS Office 365 Protection
Security researchers have been warning about a simple technique that cybercriminals and email scammers are already using in the wild to bypass security features of Microsoft Office 365, including Safe Links, which are originally designed to protect users from malware and phishing attacks...
Google PDFium JBIG2 image ComposeToOpt2WithRect information disclosure vulnerability
Summary: An exploitable heap out-of-bounds read vulnerability exists in the JBIG2 parsing code of Google Chrome version 67.0.3396.99. A specially crafted PDF document can trigger an out-of-bounds read, which can possibly lead to an information leak that could be used as part of an exploit. ...
CVE-2018-9452
In getOffsetForHorizontal of Layout.java, there is a possible application hang due to a slow width calculation. This could lead to remote denial of service if a contact with many hidden Unicode characters were sent to the device and used by a local app, with no additional execution privileges...
DEBIAN-CVE-2018-16375
An issue was discovered in OpenJPEG 2.3.0. Missing checks for headerinfo.height and headerinfo.width in the function pnmtoimage in bin/jpwl/convert.c can lead to a heap-based buffer overflow...
UBUNTU-CVE-2018-16375
An issue was discovered in OpenJPEG 2.3.0. Missing checks for headerinfo.height and headerinfo.width in the function pnmtoimage in bin/jpwl/convert.c can lead to a heap-based buffer overflow...
SafeText - Script To Remove Homoglyphs And Zero-Width Characters To Allow For Safe Distribution Of Documents From Anonymous Sources
Tool to sanitize text to allow for safe distribution of documents from anonymous sources by removing zero-width characters and homoglyphs. Individuals attempting to leak an email or other text file face the risk of identification through fingerprinting. Fingerprinting often occurs when the origin...
CVE-2018-14596
wancms 1.0 through 5.0 allows remote attackers to cause a denial of service (resource consumption) via a checkcode (aka verification code) URI in which the values of fontsize, width, and height are large numbers...
Security Bulletin: A vulnerability in SQLite affects IBM Security Access Manager for Web (CVE-2015-3416)
Summary: There is a denial of service vulnerability in SQLite, which affects IBM Security Access Manager for Web. Vulnerability Details: CVEID: CVE-2015-3416. DESCRIPTION: SQLite is vulnerable to a denial of service, caused by the failure to properly handle precision and width values during...
Foxit Reader Arbitrary Code Execution Vulnerability (CNVD-2018-11854)
Foxit Reader is a PDF document reader from China's Foxit Software Corporation. A security vulnerability exists in the parsing of the U3D Texture Width framework in Foxit Reader version 9.0.0.29935, which stems from the program failing to properly validate the length of user-submitted data,...
Foxit Reader Arbitrary Code Execution Vulnerability (CNVD-2018-10097)
Foxit Reader is a PDF document reader from China's Foxit Software Corporation. A buffer overflow vulnerability exists in the parsing of Texture Width in Foxit Reader version 9.0.0.29935, which occurs when the program fails to properly validate user-submitted data. The vulnerability can be...
CVE-2018-9982
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2018-10488
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2018-10488
CVE-2018-10488 affects Foxit Reader 9.0.0.29935. The issue is a heap-based buffer overflow in parsing U3D Texture Width structures caused by insufficient validation of user-supplied data, allowing remote code execution when a user visits a malicious page or opens a malicious file. Exploitation re...