A heap-based out-of-bounds read was observed in Oracle Java Runtime Environment version 8u202 while fuzz-testing the processing of TrueType fonts rendering in AlternateSubstitutionSubtable::process.
b638f363683e27c69a03b4345ce06c4fA heap-based out-of-bounds read was observed in Oracle Java Runtime Environment version 8u202 while fuzz-testing the processing of TrueType fonts rendering in ExtractBitMap_blocClass.
29c31d355f8a1212c89be8f95c56a750A heap-based out-of-bounds read was observed in Oracle Java Runtime Environment version 8u202 while fuzz-testing the processing of TrueType fonts rendering in OpenTypeLayoutEngine::adjustGlyphPositions.
44b1d7a8a3d751b214b9f70aab2957fdA heap-based out-of-bounds read was observed in Oracle Java Runtime Environment version 8u202 while fuzz-testing the processing of OpenType fonts.
5131a27c80fb2148eac10f4c01318b88HTMLy version 2.7.4 suffers from multiple cross site scripting vulnerabilities.
9c2fae1f1a3125e338c33a0c3d901126Comodo Dome Firewall version 2.7.0 suffers from multiple cross site scripting vulnerabilities.
5e7745733f4787cab9bbbc7c018c2c42Master IP CAM 01 version 3.3.4.2103 suffers from a remote command execution vulnerability.
c52d6d75b01caff68b1bc84a984583baArangoDB Community Edition version 3.4.2-1 suffers from a cross site scripting vulnerability.
e7ebd0f7aa89a43efb9130c32cd8d7dbqdPM version 9.1 suffers from multiple cross site scripting vulnerabilities.
acfb25312890a6ee46a901dd42e38c61Apache CouchDB version 2.3.0 suffers from multiple cross site scripting vulnerabilities.
e96dc647b95c5059349a2262bde12393CMSsite version 1.0 suffers from a remote SQL injection vulnerability in post.php. This version of the software has been known to have SQL injection vulnerabilities since 2010.
280cf3156e94b30f315f4f61a76a6531mIRC versions prior to 7.55 suffer from a remote command execution using argument injection through custom URI protocol handlers.
6b03c17a140390183e555131c0c6565bDigi TransPort LR54 suffers from a restricted shell bypass vulnerability that gets a root shell.
896322aa0ccd273bc0ef57111661649eRealterm Serial Terminal version 2.0.0.70 local buffer overflow SEH exploit.
6ae4e98f66359c8481538edfc7bd863aMISP version 2.4.97 suffers from SQL command execution via command injection in the STIX module.
0349325981ba6a0c0b8cb7c488aa8caeRealTerm Serial Terminal version 2.0.0.70 suffers from a denial of service vulnerability.
b5b97ae4f493aba7571a11b55a3a0f28DASAN H665 has a vendor backdoor built into BusyBox /bin/login that provides remote root access with no password.
8fd617ceb423687bb1cff222714c6ebcKVM suffers from a use-after-free vulnerability after using the emulated VMX preemption timer.
a0d1f27f5e38bc4b60b7e3417a578978KVM suffers from an uninitialized memory leak vulnerability in kvm_inject_page_fault.
d143badc5670e32e28cf7e6fb40d4424Listing Hub CMS version 1.0 suffers from a remote SQL injection vulnerability in pages.php.
a7da6c2e2bea589569ff55259567e47bZuzMusic version 2.1 suffers from a persistent cross site scripting vulnerability.
7ca5239c281f86e428865e72b8e242e0JobFinder suffers from a cross site scripting vulnerability.
d7af768a26e6fc8bfc4c7a525735dd08WeHelp version 1.6 suffers from a cross site scripting vulnerability.
dadf8942b2d517c8af9fc12e82b4b0e5Find a Place CMS Directory version 1.5 suffers from a remote SQL injection vulnerability.
ac0cf064523b3a833efc27f4db1a02bbJinja2 version 2.10 suffers from a command injection vulnerability.
11bfeb8f8d50d84b15935cf7f8b3274f
© 2019 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed