97 matches found
CVE-2011-0609
The CVE-2011-0609 issue is an Adobe Flash Player AVM Bytecode Verification vulnerability that allows remote code execution via crafted SWF content. Affected products include Flash Player 10.2.x and earlier (Windows, macOS, Linux, Solaris), Flash Player 10.1.106.16 and earlier on Android, Adobe AI...
CVE-2010-1297
CVE-2010-1297 affects Adobe Flash Player (versions prior to 9.0.277.0 and 10.x prior to 10.1.53.64), Adobe AIR (prior to 2.0.2.12610), and Adobe Reader/Acrobat (8.x up to 8.2.3; 9.x prior to 9.3.3) on Windows and macOS. The root cause is memory corruption/remote code execution via crafted SWF con...
CVE-2009-3953
CVE-2009-3953 affects Adobe Reader/Acrobat U3D handling in PDFs. The vulnerability arises from a CLODProgressiveMeshDeclaration array boundary issue in the U3D implementation, allowing remote code execution when processing malformed U3D data. Affected product versions include Acrobat/Reader 9.x p...
CVE-2009-4324
Adobe Reader/Acrobat (Windows/macOS) is affected by CVE-2009-4324 due to a use-after-free in Doc.media.newPlayer inside Multimedia.api. A crafted PDF with ZLib streams can trigger remote code execution. The vulnerability is reported as exploited in the wild in December 2009. Affected versions inc...
CVE-2021-41819
CVE-2021-41819 affects Ruby and the CGI::Cookie.parse function; Ruby up to 2.6.8 (and CGI gem up to 0.3.0) mishandle security prefixes in cookie names, enabling cookie-prefix spoofing. Public advisories confirm this and list affected Ruby versions across multiple distributions (AL2, AL2 Ruby3.0 e...
CVE-2021-41817
CVE-2021-41817 is a Ruby-related ReDoS in Date parsing. The vulnerability affects Ruby’s date parsing pathways (notably date parsing methods) up to versions around 3.2.0, enabling denial-of-service via crafted date strings. The fixed releases cited in the sources are 3.2.1, 3.1.2, 3.0.2, and 2.0....
CVE-2010-2941
CVE-2010-2941 affects the Common UNIX Printing System (CUPS) cupsd component, specifically ipp.c in CUPS 1.4.4 and earlier. The vulnerability arises from improper memory allocation for attribute values with invalid string data types, enabling a remote attacker to cause a use-after-free and crash,...
CVE-2021-4028
CVE-2021-4028 is a Linux kernel use-after-free in the RDMA communications manager listener path. Local attackers could crash the system or potentially escalate privileges by exploiting a high-port socket listen use-after-free. The vulnerability is documented across multiple connected sources (Deb...
CVE-2016-5131
CVE-2016-5131 is a use-after-free in libxml2 up to version 2.9.4 (as used in Chrome before 52.0.2743.82) triggered by XPointer range-to, leading to possible denial of service and potentially other impact. Connected advisories reaffirm libxml2 as the vulnerable component and reference several ve...
CVE-2020-14147
The CVE-2020-14147 issue is a vulnerability in Redis: an integer overflow in the getnum function of lua_struct.c on Redis builds before 6.0.3 can be triggered by processing large numbers in Lua code, leading to memory corruption, a denial of service (application crash), and potentially bypassing ...
CVE-2021-4166
CVE-2021-4166 is a Vim vulnerability categorized as an out-of-bounds read affecting Vim buffers. Public references in the connected documents confirm the issue, with remediation guidance tied to Vim updates. The Cloud Foundry advisory (USN-6026-1) and related AWS/Linux bulletins indicate Vim fixe...
CVE-2009-2408
CVE-2009-2408 affects Mozilla NSS up to 3.12.2, Firefox up to 3.0.12, Thunderbird up to 2.0.0.22 and SeaMonkey up to 1.1.17. The issue is improper handling of a '\0' character in the domain name in the subject’s Common Name (CN) field of an X.509 certificate. This enables a man...
CVE-2016-2178
OpenSSL CVE-2016-2178: The dsa_sign_setup path in OpenSSL up to version 1.0.2h can process DSA signing in a non-constant-time way, enabling a local attacker to recover a private DSA key via a timing side-channel. Several advisories note this alongside other OpenSSL fixes and generally recommend u...
CVE-2009-3231
CVE-2009-3231 affects PostgreSQL 8.3 before 8.3.8 and 8.2 before 8.2.14. When LDAP authentication is used with anonymous binds, a remote attacker could authenticate with an empty password, bypassing authentication. The issue is documented in multiple sources (e.g., PostgreSQL release notes for 8...
CVE-2016-1960
CVE-2016-1960 is a vulnerability in Mozilla Firefox’s HTML5 parser (nsHtml5TreeBuilder) involving an integer underflow that enables a use-after-free scenario when parsing end tags in a foreign fragment context (SVG). Affects Firefox before 45.0 and Firefox ESR 38.x before 38.7; exploitation can l...
CVE-2009-0040
The CVE-2009-0040 issue affects the PNG reference library (libpng) as used in pngcrush and other apps. A crafted PNG can trigger a free of an uninitialized pointer in png_read_png, pCAL chunk handling, or 16-bit gamma table setup, enabling denial of service or possibly arbitrary code execution. A...
CVE-2016-1977
Summary: CVE-2016-1977 and related Graphite 2 vulnerabilities affect Graphite font rendering (library graphite2) used by Mozilla Firefox/Thunderbird. The issues stem from memory safety bugs in Graphite 2 (version 1.3.5 and earlier) that could allow remote code execution or crashes when processing...
CVE-2016-2796
CVE-2016-2796 describes a heap-based buffer overflow in the Graphite 2 font library (graphite2::vm::Machine::Code::Code) prior to 1.3.6. The vulnerability affected Graphite 2 as used by Mozilla Firefox (before 45.0) and Firefox ESR 38.x (before 38.7), potentially enabling a remote attacker to cau...
CVE-2010-4180
OpenSSL vulnerability CVE-2010-4180 affects OpenSSL versions before 0.9.8q and 1.0.x before 1.0.0c when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled. The flaw allows remote attackers to modify the ciphersuite in the session cache, enabling a downgrade to an unintended cipher by sniffing net...
CVE-2016-2800
The Graphite 2 font rendering library is affected by CVE-2016-2800 and CVE-2016-2792. In Graphite 2, the vulnerability resides in graphite2::Slot::getAttr (Slot.cpp) and can be triggered when processing crafted Graphite fonts, as used by Mozilla Firefox prior to 45.0 and Firefox ESR 38.x prior to...
CVE-2016-1974
The CVE-2016-1974 issue affects Mozilla Firefox and Firefox ESR, where nsScannerString::AppendUnicodeTo can fail to verify memory allocation success, enabling a remote attacker to crash the browser or potentially execute arbitrary code via crafted Unicode data in HTML/XML/SVG. Affected versions a...
CVE-2016-1961
CVE-2016-1961 is a use-after-free in Mozilla Firefox’s HTMLDocument::SetBody (dom/html/nsHTMLDocument.cpp) that could crash the browser and allow remote code execution. Affected products are Firefox before 45.0 and Firefox ESR 38.x before 38.7. The vulnerability stems from mishandling of the root...
CVE-2016-2792
CVE-2016-2792 affects Graphite2 (graphite2) in Graphite font rendering used by Firefox
CVE-2016-1964
CVE-2016-1964 is a use-after-free in Mozilla Firefox’s AtomicBaseIncDec during XML transformation handling. Affects Firefox before 45.0 and Firefox ESR 38.x before 38.7; impact includes remote code execution or heap-based denial of service when processing certain XML transformations. The issue ca...
CVE-2016-1697
CVE-2016-1697 affects Google Chrome (Blink/WebKit) prior to 51.0.2704.79. The FrameLoader::startLoad path in FrameLoader.cpp does not prevent frame navigations during DocumentLoader detach, enabling a remote attacker to bypass the Same Origin Policy via crafted JavaScript. A patch was released in...
CVE-2018-14522
CVE-2018-14522 affects aubio 0.4.6 where aubio_pitch_set_unit in pitch/pitch.c can trigger a SEGV crash. Multiple advisories note the issue as fixed in openSUSE/Aubio updates (e.g., openSUSE-SU-2019:1229, OSV-OPENSU…), with patches moving to aubio 0.4.9+ and related packages. The connected record...
CVE-2009-0949
CVE-2009-0949 affects CUPS before 1.3.10. The ippReadIO function in cups/ipp.c within cupsd fails to properly initialize memory for IPP request packets, enabling a remote attacker to trigger a denial of service (NULL pointer dereference and cupsd crash) via a scheduler request containing two cons...
CVE-2009-2416
CVE-2009-2416 is a use-after-free in libxml2 (versions 2.5.10, 2.6.16, 2.6.26, 2.6.27, 2.6.32) and libxml 1.8.17 triggered by crafted Notation/Enumeration attribute types in a DTD; leads to denial of service (application crash). Related CVE-2009-2414 is a stack-growth DoS via deep DTD structures....
CVE-2016-1683
CVE-2016-1683 affects libxslt prior to 1.1.29, as used in Google Chrome before 51.0.2704.63. The issue arises from numbers.c in libxslt, where namespace nodes are mishandled, enabling a remote attacker to trigger out-of-bounds heap memory access and cause a denial of service (with potential unspe...
CVE-2016-2797
Graphite 2 before 1.3.6 is affected by CVE-2016-2797 via the TtfUtil::CmapSubtable12Lookup path. The vulnerability exists when Graphite is used by Firefox before 45.0 and Firefox ESR 38.x before 38.7, allowing a crafted Graphite smart font to cause a denial-of-service (buffer over-read) or simila...
CVE-2018-14523
The CVE-2018-14523 issue affects aubio 0.4.6, where a buffer over-read can occur in new_aubio_pitchyinfft (pitch/pitchyinfft.c). Multiple connected advisories (openSUSE, OSV, GHSA) confirm the vulnerability and indicate that vulnerable aubio versions could crash or potentially leak information. O...
CVE-2024-23301
CVE-2024-23301 affects Relax-and-Recover (rear) up to version 2.7. When GRUB_RESCUE=y is used, rear can create a world-readable initrd, enabling local attackers to read secrets that should be root-only. Connected advisories confirm this flaw across multiple distributions (e.g., Debian, MiracleLin...
CVE-2023-34256
CVE-2023-34256 describes an out-of-bounds read in crc16 in lib/crc16.c when invoked from fs/ext4/super.c due to incomplete offset checks in ext4_group_desc_csum, affecting the Linux kernel up to but not including 6.3.3. The issue can enable local denial of service or information leaks via a craft...
CVE-2016-2807
CVE-2016-2807 is a set of memory-safety issues in Mozilla Firefox’s browser engine affecting Firefox, ESR 38.x and ESR 45.x branches. Connected advisories indicate these flaws could allow memory corruption and potential arbitrary code execution or DoS. Remediation across sources centers on upgr...
CVE-2008-4989
Summary: CVE-2008-4989 affects the GnuTLS library. The vulnerability lies in _gnutls_x509_verify_certificate in libgnutls/lib/x509/verify.c, where the library can trust a chain whose last certificate is an arbitrary self-signed trusted cert. This allows a man-in-the-middle to spoof a certificate ...
CVE-2016-2793
CVE-2016-2793 affects the Graphite 2 font library (CachedCmap.cpp) up to version 1.3.5 used by Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7. A crafted Graphite font can trigger a buffer over-read, potentially causing a denial of service or other impact. Remediation, where availabl...
CVE-2016-2790
The CVE-2016-2790 issue is in Graphite 2 prior to 1.3.6 (graphite2) used by Firefox/Firefox ESR. The root cause is uninitialized memory in Graphite’s TtfUtil::GetTableInfo, enabling a remote attacker to cause a denial of service or potentially other impact via a crafted Graphite font. Impact is t...
CVE-2016-2798
The CVE-2016-2798 issue affects the Graphite2 font library (Graphite 2) prior to version 1.3.6 used by Mozilla Firefox/Firefox ESR. The vulnerability arises in Graphite2::GlyphCache::Loader::Loader, allowing a remote attacker to trigger a denial of service via a crafted Graphite font, with potent...
CVE-2016-2795
Graphite 2 vulnerability CVE-2016-2795 affects the Graphite font engine library. The function graphite2::FileFace::get_table_fn in Graphite 2 before 1.3.6 does not initialize memory for an unspecified data structure, enabling a remote attacker to cause denial of service (and possibly other impact...
CVE-2016-2799
CVE-2016-2799 is a heap-based buffer overflow in graphite2::Slot::setAttr in Graphite2 up to 1.3.6, impacting Firefox <45.0 and Firefox ESR =1.3.7) to remediate. Monitor vendor advisories for exact fixed versions per distribution.
CVE-2016-1676
CVE-2016-1676 affects Google Chrome/Chromium before 51.0.2704.63. The issue is a cross-origin bypass in extension bindings (bindings.js) caused by improper prototype handling in the extensions framework, enabling remote bypass of Same Origin Policy via unspecified vectors. Debian security advisor...
CVE-2016-2802
Summary: CVE-2016-2802 affects Graphite 2 before 1.3.6, used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7. The flaw resides in graphite2::TtfUtil::CmapSubtable4NextCodepoint and can be exploited to trigger a crash via a crafted Graphite font (buffer over-read), causing a denial...
CVE-2016-1691
CVE-2016-1691 affects the Skia library used by Google Chrome prior to 51.0.2704.63. The issue arises from mishandling of coincidence runs in SkOpCoincidence.cpp and SkPathOpsCommon.cpp, enabling a remote attacker to trigger a heap-based buffer overflow and cause a denial of service (with possible...
CVE-2016-2794
The CVE-2016-2794 entry concerns Graphite 2 prior to version 1.3.6. The vulnerable function is graphite2::TtfUtil::CmapSubtable12NextCodepoint, used by Mozilla Firefox (before 45.0) and Firefox ESR 38.x (before 38.7). A crafted Graphite font can cause a buffer over-read, leading to a denial of se...
CVE-2016-2801
CVE-2016-2797 describes a vulnerability in Graphite2 where the TtfUtil::CmapSubtable12Lookup function in Graphite 2 before 1.3.6 can be triggered by a crafted Graphite font, used by Firefox before 45.0 and ESR before 38.7, leading to a denial of service via a buffer over-read. The issue is due to...
CVE-2016-2791
Summary: CVE-2016-2791 affects the Graphite 2 font library (graphite2) shipped with Graphite-based builds and Mozilla Firefox. The issue is in graphite2::GlyphCache::glyph, where a crafted Graphite font can trigger a buffer over-read, potentially allowing a denial of service and other unspecified...
CVE-2016-1677
CVE-2016-1677 refers to a type confusion in the V8 JavaScript engine used by Google Chrome/Chromium prior to version 51.0.2704.63. The flaw could allow a remote attacker to obtain sensitive information by calling decodeURI, via the affected V8 bindings, as part of the Chromium/Chrome stack. The c...
CVE-2016-1672
CVE-2016-1672 affects Google Chrome up to version 51.0.2704.63, where the ModuleSystem::RequireForJsInner function in extension bindings mishandles properties, enabling remote cross-origin bypass via unspecified vectors. Public advisories and vendor fixes (e.g., Chromium 51.0.2704.63) address the...
CVE-2016-1688
CVE-2016-1688 is an out-of-bounds read in the V8 JavaScript library used by Google Chrome/Chromium prior to 51.0.2704.63. The root cause involves mishandling external string sizes, enabling a remote attacker to trigger a denial of service via crafted JavaScript. Remediation: upgrade to Chrome/Chr...
CVE-2016-1698
In CVE-2016-1698, Google Chrome’s extensions/renderer/resources/binding.js createCustomType did not validate module types, causing an information disclosure via a poisoned definition. Affected is Chrome before 51.0.2704.79; the issue could allow loading arbitrary modules or exposing sensitive dat...