Microsoft DirectWrite / AFDKO suffers from a NULL pointer dereferences vulnerability in OpenType font handling while accessing empty dynarrays.
Microsoft DirectWrite / AFDKO suffers from multiple bugs in OpenType font handling related to the “post” table.
Microsoft DirectWrite / AFDKO suffers from an out-of-bounds read vulnerability in OpenType font handling due to undefined FontName index.
Microsoft DirectWrite / AFDKO suffers from a heap-baeed out-of-bounds read/write vulnerability in OpenType font handling due to empty ROS strings.
Microsoft DirectWrite / AFDKO suffers from a stack corruption vulnerability in OpenType font handling while processing CFF blend DICT operator.
There is a Microsoft Font Subsetting DLL heap corruption vulnerability in ComputeFormat4CmapData.
Jenkins Dependency Graph View plugin version 0.13 suffers from a persistent cross site scripting vulnerability.
SNMPc Enterprise Edition versions 9 and 10 suffer from a mapping filename buffer overflow vulnerability.
Sitecore version 9.0 rev 171002 suffers from a persistent cross site scripting vulnerability.
This Metasploit module exploits a command injection vulnerability in Xymon versions before 4.3.25 which allows authenticated users to execute arbitrary operating system commands as the web server user. When adding a new user to the system via the web interface with useradm.sh, the user’s username and password are passed to htpasswd in a call to […]