Page 24 of 4598 results (0.016 seconds)

CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0

CVE-2020-10938

https://notcve.org/view.php?id=CVE-2020-10938

GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c. GraphicsMagick versiones anteriores a la versión 1.3.35, tiene un desbordamiento de enteros y un desbordamiento del búfer en la región heap de la memoria en la función HuffmanDecodeImage en el archivo magick/compress.c. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00049.html http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00051.html https://lists.debian.org/debian-lts-announce/2020/04/msg00007.html https://sourceforge.net/p/graphicsmagick/code/ci/5b4dd7c6674140a115ec9424c8d19c6a458fac3e https://www.debian.org/security/2020/dsa-4675 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •

CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0

CVE-2020-9359 – okular: local binary execution via specially crafted PDF files

https://notcve.org/view.php?id=CVE-2020-9359

KDE Okular before 1.10.0 allows code execution via an action link in a PDF document. KDE Okular versiones anteriores a la versión 1.10.0, permite una ejecución de código por medio de un enlace de acción en un documento PDF. • https://invent.kde.org/kde/okular/-/commit/6a93a033b4f9248b3cd4d04689b8391df754e244 https://kde.org/info/security/advisory-20200312-1.txt https://lists.debian.org/debian-lts-announce/2020/03/msg00033.html https://lists.debian.org/debian-lts-announce/2021/12/msg00019.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2TY3O6UWX2XTP7PISPTZ6FYRDFU4UF66 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AW6GJ3AKGXOMTDHNZBMSXDTWNJJRFBDH https: • CWE-184: Incomplete List of Disallowed Inputs •

CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2020-9760

https://notcve.org/view.php?id=CVE-2020-9760

An issue was discovered in WeeChat before 2.7.1 (0.3.4 to 2.7 are affected). When a new IRC message 005 is received with longer nick prefixes, a buffer overflow and possibly a crash can happen when a new mode is set for a nick. Se detectó un problema en WeeChat versiones anteriores a 2.7.1 (versiones 0.3.4 hasta 2.7 están afectadas). Cuando se recibe un nuevo mensaje 005 IRC con prefijos nick más largos, un desbordamiento del búfer y posiblemente un bloqueo puede presentarse cuando se ajusta un nuevo modo para un nick. • https://github.com/weechat/weechat/commit/40ccacb4330a64802b1f1e28ed9a6b6d3ca9197f https://lists.debian.org/debian-lts-announce/2020/03/msg00031.html https://lists.debian.org/debian-lts-announce/2021/09/msg00018.html https://security.gentoo.org/glsa/202003-51 https://weechat.org/doc/security • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0

CVE-2020-1951

https://notcve.org/view.php?id=CVE-2020-1951

A carefully crafted or corrupt PSD file can cause an infinite loop in Apache Tika's PSDParser in versions 1.0-1.23. Un archivo PSD cuidadosamente diseñado o corrupto puede causar un bucle infinito en PSDParser de Apache Tika en versiones 1.0-1.23. • https://lists.apache.org/thread.html/rd8c1b42bd0e31870d804890b3f00b13d837c528f7ebaf77031323172%40%3Cdev.tika.apache.org%3E https://lists.debian.org/debian-lts-announce/2020/03/msg00035.html https://usn.ubuntu.com/4564-1 https://www.oracle.com/security-alerts/cpujul2020.html https://www.oracle.com/security-alerts/cpuoct2020.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0

CVE-2020-1950 – tika: excessive memory usage in PSDParser

https://notcve.org/view.php?id=CVE-2020-1950

A carefully crafted or corrupt PSD file can cause excessive memory usage in Apache Tika's PSDParser in versions 1.0-1.23. Un archivo PSD cuidadosamente diseñado o corrupto puede causar un uso de memoria excesivo en el PSDParser de Apache Tika en versiones 1.0-1.23. A flaw was found in Apache Tika’s PSDParser, where a carefully crafted or corrupt PSD file can cause excessive memory usage. The highest threat from this vulnerability is to system availability. • https://lists.apache.org/thread.html/r463b1a67817ae55fe022536edd6db34e8f9636971188430cbcf8a8dd%40%3Cdev.tika.apache.org%3E https://lists.debian.org/debian-lts-announce/2020/03/msg00035.html https://usn.ubuntu.com/4564-1 https://www.oracle.com/security-alerts/cpujul2020.html https://www.oracle.com/security-alerts/cpuoct2020.html https://access.redhat.com/security/cve/CVE-2020-1950 https://bugzilla.redhat.com/show_bug.cgi?id=1822759 • CWE-400: Uncontrolled Resource Consumption •