Use-after-free vulnerability in the fz_subsample_pixmap function in fitz/pixmap.c in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted document.
Monthly Archives: March 2017
CVE-2016-10273
Multiple stack buffer overflow vulnerabilities in Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), Air:Link 5000AC (AL5000AC) version 1.13, and Air:Link 59300 (AL59300) version 1.04 (Rev. 4) devices allow remote attackers to execute arbitrary code or crash the web service via the (1) ateFunc, (2) ateGain, (3) ateTxCount, (4) ateChan, (5) ateRate, (6) ateMacID, (7) e2pTxPower1, (8) e2pTxPower2, (9) e2pTxPower3, (10) e2pTxPower4, (11) e2pTxPower5, (12) e2pTxPower6, (13) e2pTxPower7, (14) e2pTx2Power1, (15) e2pTx2Power2, (16) e2pTx2Power3, (17) e2pTx2Power4, (18) e2pTx2Power5, (19) e2pTx2Power6, (20) e2pTx2Power7, (21) ateTxFreqOffset, (22) ateMode, (23) ateBW, (24) ateAntenna, (25) e2pTxFreqOffset, (26) e2pTxPwDeltaB, (27) e2pTxPwDeltaG, (28) e2pTxPwDeltaMix, (29) e2pTxPwDeltaN, and (30) readE2P parameters of the /goform/formWlanMP endpoint.
Hotel Booking Script 1.0 SQL Injection
Hotel Booking Script version 1.0 suffers from a remote SQL injection vulnerability.
Just Another Video Script 1.4.3 SQL Injection
Just Another Video Script version 1.4.3 suffers from a remote SQL injection vulnerability.
Delux Same Day Delivery Script 1.0 SQL Injection
Delux Same Day Delivery Script 1.0 suffers from a remote SQL injection vulnerability.
PHP Real Estate Property Script SQL Injection
PHP Real Estate Property Script suffers from a remote SQL injection vulnerability.
CouponPHP CMS 3.1 SQL Injection
CouponPHP CMS version 3.1 suffers from a remote SQL injection vulnerability.
Professional Bus Booking Script SQL Injection
Professional Bus Booking Script suffers from a remote SQL injection vulnerability.
B2B Marketplace Script 2.0 SQL Injection
B2B Marketplace Script version 2.0 suffers from a remote SQL injection vulnerability.
Courier Tracking Software 6.0 SQL Injection
Courier Tracking Software version 6.0 suffers from a remote SQL injection vulnerability.