4 results (0.009 seconds)

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1

A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg() in extensions/cairo_io/cairo-image-surface-jpeg.c in GNOME gThumb before 3.8.3 and Linux Mint Pix before 2.4.5 allows attackers to cause a crash and potentially execute arbitrary code via a crafted JPEG file. Un desbordamiento de búfer en la región heap de la memoria en la función _cairo_image_surface_create_from_jpeg() en el archivo extensions/cairo_io/cairo-image-surface-jpeg.c en GNOME gThumb versiones anteriores a 3.8.3 y Linux Mint Pix versiones anteriores a 2.4.5, permite a atacantes causar un bloqueo y ejecutar potencialmente código arbitrario por medio de un archivo JPEG diseñado. • https://github.com/Fysac/CVE-2019-20326 https://gitlab.gnome.org/GNOME/gthumb/commit/4faa5ce2358812d23a1147953ee76f59631590ad https://gitlab.gnome.org/GNOME/gthumb/commit/ca8f528209ab78935c30e42fe53bdf1a24f3cb44 https://gitlab.gnome.org/GNOME/gthumb/commits/master/extensions/cairo_io/cairo-image-surface-jpeg.c https://lists.debian.org/debian-lts-announce/2021/08/msg00027.html https://security.gentoo.org/glsa/202008-05 • CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 2%CPEs: 4EXPL: 0

Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)17 allows remote attackers to cause a denial of service (device reload) via unknown vectors related to VPN connection termination and password expiry. Vulnerabilidad no especificada en Cisco Adaptive Security Appliance (ASA) y PIX 7.1 anterior a 7.1(2)49 y 7.2 anterior a 7.2(2)17 permite a atacantes remotos provocar denegación de servicio (recarga de dispositivo) a través de vectores desconocidos relacionados con el fin de la conexión VPN y el vencimiento de la contraseña. • http://secunia.com/advisories/25109 http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml http://www.osvdb.org/35332 http://www.securityfocus.com/bid/23768 http://www.vupen.com/english/advisories/2007/1636 https://exchange.xforce.ibmcloud.com/vulnerabilities/34021 •

CVSS: 7.1EPSS: 2%CPEs: 4EXPL: 0

Race condition in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)19, when using "clientless SSL VPNs," allows remote attackers to cause a denial of service (device reload) via "non-standard SSL sessions." Condición de carrera en el Cisco Adaptive Security Appliance (ASA) y en el PIX 7.1 anterior al 7.1(2)49 y el 7.2 anterior al 7.2(2)19, cuando se utiliza "VPNs SSL sin cliente", permite a atacantes remotos provocar una denegación de servicio (recargar el dispositivo) a través de "sesiones SSL no estándar". • http://secunia.com/advisories/25109 http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml http://www.kb.cert.org/vuls/id/337508 http://www.osvdb.org/35333 http://www.securityfocus.com/bid/23768 http://www.vupen.com/english/advisories/2007/1636 https://exchange.xforce.ibmcloud.com/vulnerabilities/34023 •

CVSS: 10.0EPSS: 18%CPEs: 4EXPL: 0

Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 before 7.2(2)8, when using Layer 2 Tunneling Protocol (L2TP) or Remote Management Access, allows remote attackers to bypass LDAP authentication and gain privileges via unknown vectors. Vulnerabilidad no especificada en Cisco Adaptive Security Appliance (ASA) y PIX 7.2 before 7.2(2)8, cuando utilizan Layer 2 Tunneling Protocol (L2TP) o Remote Management Access, permite a atacantes remotos evitar la validación LDAP y ganar privilegios a través de vectores desconocidos. • http://secunia.com/advisories/25109 http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml http://www.kb.cert.org/vuls/id/210876 http://www.osvdb.org/35331 http://www.securityfocus.com/bid/23768 http://www.securitytracker.com/id?1017994 http://www.securitytracker.com/id?1017995 http://www.vupen.com/english/advisories/2007/1636 https://exchange.xforce.ibmcloud.com/vulnerabilities/34020 •