Core Security Technologies Advisory – SAP distributes software and packages using an archive program called SAPCAR. This program uses a custom archive file format. A memory corruption vulnerability was found…
>> CATEGORY: exploit
Microsoft MsMpEng suffers from an issue where the UIF decoder will spin forever processing sparse blocks.
This archive contains numerous TDS streams that cause segmentation faults in the FreeTDS library. The ‘tsql’ binary was used for the fuzzing, so these most likely only affect client-side functionality….
BanManager WebUI version 1.5.8 suffers from PHP code injection and cross site scripting vulnerabilities.
Gongwalker API Manager version 1.1 suffers from a remote blind SQL injection vulnerability.
Gongwalker API Manager version 1.1 suffers from cross site request forgery vulnerabilities.
QNAP PhotoStation version 5.2.4 and MusicStation version 4.8.4 suffer from an authentication bypass vulnerability.
Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via…
During EBML node parsing the EBML element_size is used unvalidated to allocate a stack buffer to store the element contents. Since calls to alloca simply compile to a subtraction from…
LG suffers from multiple heap buffer overflow vulnerabilities in mkvparser::Block::Block.