๐จ CVE-2020-21830
A heap based buffer overflow vulneraibility exists in GNU LibreDWG 0.10 via bit_calc_CRC ../../src/bits.c:2213.
๐@cveNotify
A heap based buffer overflow vulneraibility exists in GNU LibreDWG 0.10 via bit_calc_CRC ../../src/bits.c:2213.
๐@cveNotify
GitHub
Several bugs found by fuzzing ยท Issue #188 ยท LibreDWG/libredwg
Hi, After fuzzing libredwg, I found the following bugs on the latest commit on master. Command: ./dwgbmp $PoC 1.NULL pointer dereference in read_2004_compressed_section ../../src/decode.c:2417 POC:...
๐จ CVE-2020-21832
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2417.
๐@cveNotify
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2417.
๐@cveNotify
GitHub
Several bugs found by fuzzing ยท Issue #188 ยท LibreDWG/libredwg
Hi, After fuzzing libredwg, I found the following bugs on the latest commit on master. Command: ./dwgbmp $PoC 1.NULL pointer dereference in read_2004_compressed_section ../../src/decode.c:2417 POC:...
๐จ CVE-2020-21833
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via: read_2004_section_classes ../../src/decode.c:2440.
๐@cveNotify
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via: read_2004_section_classes ../../src/decode.c:2440.
๐@cveNotify
GitHub
Several bugs found by fuzzing ยท Issue #188 ยท LibreDWG/libredwg
Hi, After fuzzing libredwg, I found the following bugs on the latest commit on master. Command: ./dwgbmp $PoC 1.NULL pointer dereference in read_2004_compressed_section ../../src/decode.c:2417 POC:...
๐จ CVE-2020-21834
A null pointer deference issue exists in GNU LibreDWG 0.10 via get_bmp ../../programs/dwgbmp.c:164.
๐@cveNotify
A null pointer deference issue exists in GNU LibreDWG 0.10 via get_bmp ../../programs/dwgbmp.c:164.
๐@cveNotify
GitHub
Several bugs found by fuzzing ยท Issue #188 ยท LibreDWG/libredwg
Hi, After fuzzing libredwg, I found the following bugs on the latest commit on master. Command: ./dwgbmp $PoC 1.NULL pointer dereference in read_2004_compressed_section ../../src/decode.c:2417 POC:...
๐จ CVE-2020-21835
A null pointer deference issue exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2337.
๐@cveNotify
A null pointer deference issue exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2337.
๐@cveNotify
GitHub
Several bugs found by fuzzing ยท Issue #188 ยท LibreDWG/libredwg
Hi, After fuzzing libredwg, I found the following bugs on the latest commit on master. Command: ./dwgbmp $PoC 1.NULL pointer dereference in read_2004_compressed_section ../../src/decode.c:2417 POC:...
๐จ CVE-2020-21836
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_preview ../../src/decode.c:3175.
๐@cveNotify
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_preview ../../src/decode.c:3175.
๐@cveNotify
GitHub
Several bugs found by fuzzing ยท Issue #188 ยท LibreDWG/libredwg
Hi, After fuzzing libredwg, I found the following bugs on the latest commit on master. Command: ./dwgbmp $PoC 1.NULL pointer dereference in read_2004_compressed_section ../../src/decode.c:2417 POC:...
๐จ CVE-2020-21838
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via: read_2004_section_appinfo ../../src/decode.c:2842.
๐@cveNotify
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via: read_2004_section_appinfo ../../src/decode.c:2842.
๐@cveNotify
GitHub
Several bugs found by fuzzing ยท Issue #188 ยท LibreDWG/libredwg
Hi, After fuzzing libredwg, I found the following bugs on the latest commit on master. Command: ./dwgbmp $PoC 1.NULL pointer dereference in read_2004_compressed_section ../../src/decode.c:2417 POC:...
๐จ CVE-2020-21839
An issue was discovered in GNU LibreDWG 0.10. Crafted input will lead to an memory leak in dwg_decode_eed ../../src/decode.c:3638.
๐@cveNotify
An issue was discovered in GNU LibreDWG 0.10. Crafted input will lead to an memory leak in dwg_decode_eed ../../src/decode.c:3638.
๐@cveNotify
cwe.mitre.org
CWE -
CWE-401: Missing Release of Memory after Effective Lifetime (4.20)
CWE-401: Missing Release of Memory after Effective Lifetime (4.20)
Common Weakness Enumeration (CWE) is a list of software weaknesses.
๐จ CVE-2020-21840
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_search_sentinel ../../src/bits.c:1985.
๐@cveNotify
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_search_sentinel ../../src/bits.c:1985.
๐@cveNotify
GitHub
Several bugs found by fuzzing ยท Issue #188 ยท LibreDWG/libredwg
Hi, After fuzzing libredwg, I found the following bugs on the latest commit on master. Command: ./dwgbmp $PoC 1.NULL pointer dereference in read_2004_compressed_section ../../src/decode.c:2417 POC:...
๐จ CVE-2020-21841
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_read_B ../../src/bits.c:135.
๐@cveNotify
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_read_B ../../src/bits.c:135.
๐@cveNotify
GitHub
Several bugs found by fuzzing ยท Issue #188 ยท LibreDWG/libredwg
Hi, After fuzzing libredwg, I found the following bugs on the latest commit on master. Command: ./dwgbmp $PoC 1.NULL pointer dereference in read_2004_compressed_section ../../src/decode.c:2417 POC:...
๐จ CVE-2020-21842
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_revhistory ../../src/decode.c:3051.
๐@cveNotify
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_revhistory ../../src/decode.c:3051.
๐@cveNotify
GitHub
Several bugs found by fuzzing ยท Issue #188 ยท LibreDWG/libredwg
Hi, After fuzzing libredwg, I found the following bugs on the latest commit on master. Command: ./dwgbmp $PoC 1.NULL pointer dereference in read_2004_compressed_section ../../src/decode.c:2417 POC:...
๐จ CVE-2020-21843
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_read_RC ../../src/bits.c:318.
๐@cveNotify
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_read_RC ../../src/bits.c:318.
๐@cveNotify
GitHub
Several bugs found by fuzzing ยท Issue #188 ยท LibreDWG/libredwg
Hi, After fuzzing libredwg, I found the following bugs on the latest commit on master. Command: ./dwgbmp $PoC 1.NULL pointer dereference in read_2004_compressed_section ../../src/decode.c:2417 POC:...
๐จ CVE-2020-21844
GNU LibreDWG 0.10 is affected by: memcpy-param-overlap. The impact is: execute arbitrary code (remote). The component is: read_2004_section_header ../../src/decode.c:2580.
๐@cveNotify
GNU LibreDWG 0.10 is affected by: memcpy-param-overlap. The impact is: execute arbitrary code (remote). The component is: read_2004_section_header ../../src/decode.c:2580.
๐@cveNotify
GitHub
Several bugs found by fuzzing ยท Issue #188 ยท LibreDWG/libredwg
Hi, After fuzzing libredwg, I found the following bugs on the latest commit on master. Command: ./dwgbmp $PoC 1.NULL pointer dereference in read_2004_compressed_section ../../src/decode.c:2417 POC:...
๐จ CVE-2017-17674
BMC Remedy Mid Tier 9.1SP3 is affected by remote and local file inclusion. Due to the lack of restrictions on what can be targeted, the system can be vulnerable to attacks such as system fingerprinting, internal port scanning, Server Side Request Forgery (SSRF), or remote code execution (RCE).
๐@cveNotify
BMC Remedy Mid Tier 9.1SP3 is affected by remote and local file inclusion. Due to the lack of restrictions on what can be targeted, the system can be vulnerable to attacks such as system fingerprinting, internal port scanning, Server Side Request Forgery (SSRF), or remote code execution (RCE).
๐@cveNotify
๐จ CVE-2017-17675
BMC Remedy Mid Tier 9.1SP3 is affected by log hijacking. Remote logging can be accessed by unauthenticated users, allowing for an attacker to hijack the system logs. This data can include user names and HTTP data.
๐@cveNotify
BMC Remedy Mid Tier 9.1SP3 is affected by log hijacking. Remote logging can be accessed by unauthenticated users, allowing for an attacker to hijack the system logs. This data can include user names and HTTP data.
๐@cveNotify
๐จ CVE-2017-17677
BMC Remedy 9.1SP3 is affected by authenticated code execution. Authenticated users that have the right to create reports can use BIRT templates to run code.
๐@cveNotify
BMC Remedy 9.1SP3 is affected by authenticated code execution. Authenticated users that have the right to create reports can use BIRT templates to run code.
๐@cveNotify
๐จ CVE-2017-17678
BMC Remedy Mid Tier 9.1SP3 is affected by cross-site scripting (XSS). A DOM-based cross-site scripting vulnerability was discovered in a legacy utility.
๐@cveNotify
BMC Remedy Mid Tier 9.1SP3 is affected by cross-site scripting (XSS). A DOM-based cross-site scripting vulnerability was discovered in a legacy utility.
๐@cveNotify
๐จ CVE-2020-21517
Cross Site Scripting (XSS) vulnerability in MetInfo 7.0.0 via the gourl parameter in login.php.
๐@cveNotify
Cross Site Scripting (XSS) vulnerability in MetInfo 7.0.0 via the gourl parameter in login.php.
๐@cveNotify
GitHub
cms/metinfo/metinfo7.0.0.md at master ยท lvyyevd/cms
vulnerability. Contribute to lvyyevd/cms development by creating an account on GitHub.
๐จ CVE-2020-22168
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\change-emaild.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
๐@cveNotify
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\change-emaild.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
๐@cveNotify
GitHub
GitHub - itodaro/PHPGurukul_Hospital_Management_System4.0_cve
Contribute to itodaro/PHPGurukul_Hospital_Management_System4.0_cve development by creating an account on GitHub.
๐จ CVE-2020-20584
A cross site scripting vulnerability in baigo CMS v4.0-beta-1 allows attackers to execute arbitrary web scripts or HTML via the form parameter post to /public/console/profile/info-submit/.
๐@cveNotify
A cross site scripting vulnerability in baigo CMS v4.0-beta-1 allows attackers to execute arbitrary web scripts or HTML via the form parameter post to /public/console/profile/info-submit/.
๐@cveNotify
๐จ CVE-2020-20585
A blind SQL injection in /admin/?n=logs&c=index&a=dode of Metinfo 7.0 beta allows attackers to access sensitive database information.
๐@cveNotify
A blind SQL injection in /admin/?n=logs&c=index&a=dode of Metinfo 7.0 beta allows attackers to access sensitive database information.
๐@cveNotify