PilusCart 1.4.1 is vulnerable to index.php?module=users&action=newUser CSRF, leading to the addition of a new user as administrator. Date published : 2019-03-14 https://www.exploit-db.com/exploits/46531
Thinkst Canarytokens through commit hash 4e89ee0 (2019-03-01) relies on limited variation in size, metadata, and timestamp, which makes it easier for attackers to estimate whether a Word document contains a token. Date published :...
Stack-based buffer overflow in Free MP3 CD Ripper 2.6, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted .mp3 file. Date published : 2019-03-14 https://www.exploit-db.com/exploits/45403
In Blog_mini 1.0, XSS exists via the author name of a comment reply in the app/main/views.py articleDetails() function, related to app/templates/_article_comments.html. Date published : 2019-03-14 https://github.com/xpleaf/Blog_mini/issues/43
IBM Content Navigator 3.0CD could allow an attacker to execute arbitrary code on a user’s workstation. When editing an executable file in ICN with Edit service, it will be executed on the user’s...
Openwsman, versions up to and including 2.6.9, are vulnerable to an infinite loop in process_connection() when parsing specially crafted HTTP requests. A remote, unauthenticated attacker can exploit this vulnerability by sending a malicious HTTP request to...