An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA==6 case 2. Date published : 2019-07-27 https://forum.xpdfreader.com/viewtopic.php?f=3&t=41851 https://github.com/TeamSeri0us/pocs/tree/master/xpdf/4.01.01
An issue was discovered in Xpdf 4.01.01. There is an integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the "multiple bytes per line" case. Date published : 2019-07-27 https://forum.xpdfreader.com/viewtopic.php?f=3&t=41851 https://github.com/TeamSeri0us/pocs/tree/master/xpdf/4.01.01
An issue was discovered in Xpdf 4.01.01. There is an Integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the "one byte per line" case. Date published : 2019-07-27 https://forum.xpdfreader.com/viewtopic.php?f=3&t=41851 https://github.com/TeamSeri0us/pocs/tree/master/xpdf/4.01.01
In app/webroot/js/event-graph.js in MISP 2.4.111, a stored XSS vulnerability exists in the event-graph view when a user toggles the event graph view. A malicious MISP event must be crafted in order to trigger the...
Zendesk Samlr before 2.6.2 allows an XML nodes comment attack such as a name_id node with user@example.com followed by . and then the attacker’s domain name. Date published : 2019-07-26 https://github.com/zendesk/samlr/compare/v2.6.1…v2.6.2
An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled. Date published : 2019-07-26 https://seclists.org/bugtraq/2019/Aug/18 https://seclists.org/bugtraq/2019/Aug/26
An issue was discovered in the Linux kernel before 4.18.7. In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace. Date published : 2019-07-26 https://security.netapp.com/advisory/ntap-20190905-0002/ https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.7
An issue was discovered in the Linux kernel before 4.20. drivers/phy/mscc/phy-ocelot-serdes.c has an off-by-one error with a resultant ctrl->phys out-of-bounds read. Date published : 2019-07-26 https://security.netapp.com/advisory/ntap-20190905-0002/ https://support.f5.com/csp/article/K32450233
A DLL side-loading vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow an authenticated attacker to gain code execution and terminate the product’s process – disabling endpoint protection. The attacker must have...
Cross-site scripting vulnerability in Central Dogma 0.17.0 to 0.40.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Date published : 2019-07-26 http://jvn.jp/en/jp/JVN94889214/index.html https://github.com/line/centraldogma/releases/tag/centraldogma-0.41.0
In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry with .sect and .rate...
In the Linux kernel before 5.2.3, set_geometry in drivers/block/floppy.c does not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered by an unprivileged local...
The simple_captcha2 gem 0.2.3 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. Date published : 2019-07-26 https://github.com/rubygems/rubygems.org/issues/2073 https://rubygems.org/gems/simple_captcha2/versions/
The datagrid gem 1.0.6 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. Date published : 2019-07-26 https://github.com/rubygems/rubygems.org/issues/2072 https://rubygems.org/gems/datagrid/versions