A memory corruption vulnerability exists in the ANI-parsing functionality of Computerinsel Photoline 20.54. A specially crafted ANI image processed via the application can lead to a stack overflow, overwriting arbitrary data. An attacker can...
A memory corruption vulnerability exists in the PSD-parsing functionality of Computerinsel Photoline 20.54. A specially crafted PSD image processed via the application can lead to a stack overflow, overwriting arbitrary data. An attacker can...
An exploitable unauthenticated XML external injection vulnerability was identified in FocalScope v2416. A unauthenticated attacker could submit a specially crafted web request to FocalScope’s server that could cause an XXE, and potentially result in...
Multiple exploitable buffer overflow vulnerabilities exist in image parsing functionality of the CFITSIO library version 3.42. Specially crafted images parsed via the library, can cause a stack-based buffer overflow overwriting arbitrary data. An attacker...
Driver module in Intel Smart Sound Technology before version 9.21.00.3541 potentially allows a local attacker to execute arbitrary code as administrator via a system calls. Date published : 2018-08-01 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00163.html
Escalation of privilege in Intel Saffron admin application before 11.4 allows an authenticated user to access unauthorized information. Date published : 2018-08-01 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00136.html
Driver module in Intel Smart Sound Technology before version 9.21.00.3541 potentially allows a local attacker to execute arbitrary code as administrator via a buffer overflow. Date published : 2018-08-01 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00163.html
Driver module in Intel Smart Sound Technology before version 9.21.00.3541 potentially allows a local attacker to execute arbitrary code as administrator via a non-paged pool overflow. Date published : 2018-08-01 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00163.html
Escalation of privilege in Intel Saffron MemoryBase before 11.4 allows an authenticated user access to privileged information. Date published : 2018-08-01 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00136.html
Escalation of privilege in Intel Saffron MemoryBase before version 11.4 potentially allows an authorized user of the Saffron application to execute arbitrary code as root. Date published : 2018-08-01 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00136.html
Insufficient Input Validation in Bleach module in INTEL Distribution for Python versions prior to IDP 2018 Update 2 allows unprivileged user to bypass URI sanitization via local vector. Date published : 2018-08-01 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00129.html
An exposure of sensitive information vulnerability exists in Jenkins Tinfoil Security Plugin 1.6.1 and earlier in TinfoilScanRecorder.java that allows attackers with file system access to the Jenkins master to obtain the API secret key...
An exposure of sensitive information vulnerability exists in Jenkins Kubernetes Plugin 1.10.1 and earlier in KubernetesCloud.java that allows attackers to capture credentials with a known credentials ID stored in Jenkins. Date published : 2018-08-01...
A server-side request forgery vulnerability exists in Jenkins Confluence Publisher Plugin 2.0.1 and earlier in ConfluenceSite.java that allows attackers to have Jenkins submit login requests to an attacker-specified Confluence server URL with attacker specified...