CVE-2009-3614
https://notcve.org/view.php?id=CVE-2009-3614
liboping 1.3.2 allows users to read arbitrary files on the local system. • https://access.redhat.com/security/cve/cve-2009-3614 https://security-tracker.debian.org/tracker/CVE-2009-3614 • CWE-20: Improper Input Validation •
CVE-2019-18397 – fribidi: buffer overflow in fribidi_get_par_embedding_levels_ex() in lib/fribidi-bidi.c leading to denial of service and possible code execution
https://notcve.org/view.php?id=CVE-2019-18397
A buffer overflow in the fribidi_get_par_embedding_levels_ex() function in lib/fribidi-bidi.c of GNU FriBidi through 1.0.7 allows an attacker to cause a denial of service or possibly execute arbitrary code by delivering crafted text content to a user, when this content is then rendered by an application that uses FriBidi for text layout calculations. Examples include any GNOME or GTK+ based application that uses Pango for text layout, as this internally uses FriBidi for bidirectional text layout. For example, the attacker can construct a crafted text file to be opened in GEdit, or a crafted IRC message to be viewed in HexChat. • https://access.redhat.com/errata/RHSA-2019:4326 https://access.redhat.com/errata/RHSA-2019:4361 https://access.redhat.com/errata/RHSA-2020:0291 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=944327 https://github.com/fribidi/fribidi/commit/034c6e9a1d296286305f4cfd1e0072b879f52568 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TFS3N6KKXPI6ATDNEUFRSLX7R6BOBNIP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5UJRTG32FDNI7T637Q6PZYL3UCRR5HR& • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-400: Uncontrolled Resource Consumption •
CVE-2008-7291
https://notcve.org/view.php?id=CVE-2008-7291
gri before 2.12.18 generates temporary files in an insecure way. • https://security-tracker.debian.org/tracker/CVE-2008-7291 • CWE-668: Exposure of Resource to Wrong Sphere •
CVE-2013-1811
https://notcve.org/view.php?id=CVE-2013-1811
An access control issue in MantisBT before 1.2.13 allows users with "Reporter" permissions to change any issue to "New". • http://www.debian.org/security/2015/dsa-3120 http://www.openwall.com/lists/oss-security/2013/03/03/6 http://www.openwall.com/lists/oss-security/2013/03/04/9 https://mantisbt.org/bugs/view.php?id=15258 https://security-tracker.debian.org/tracker/CVE-2013-1811 • CWE-20: Improper Input Validation •
CVE-2013-1809
https://notcve.org/view.php?id=CVE-2013-1809
Gambas before 3.4.0 allows remote attackers to move or manipulate directory contents or perform symlink attacks due to the creation of insecure temporary directories. • http://www.openwall.com/lists/oss-security/2013/03/03/4 https://access.redhat.com/security/cve/cve-2013-1809 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-1809 https://code.google.com/archive/p/gambas/issues/365 https://security-tracker.debian.org/tracker/CVE-2013-1809 https://sourceforge.net/p/gambas/code/5438 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •