LibreOffice before 2017-03-11 has an out-of-bounds write caused by a heap-based buffer overflow in the SVMConverter::ImplConvertFromSVM1 function in vcl/source/gdi/svmconverter.cxx.
Category Archives: Security
Security
CVE-2016-10328
FreeType 2 before 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse.c.
CVE-2017-7869
GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_read function in opencdk/read-packet.c. This issue (which is a subset of the vendor’s GNUTLS-SA-2017-3 report) is fixed in 3.5.10.
CVE-2017-7860
Google gRPC before 2017-02-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the parse_unix function in core/ext/client_channel/parse_address.c.
Microsoft Windows Kernel win32kfull!SfnINLPUAHDRAWMENUITEM Memory Disclosure
The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in win32kfull!SfnINLPUAHDRAWMENUITEM.
Microsoft Windows Kernel NtGdiGetDIBitsInternal Memory Disclosure / DoS
Multiple bugs have been discovered in the implementation of the win32k!NtGdiGetDIBitsInternal system call, which is a part of the graphic subsystem in all modern versions of Windows. The issues can potentially lead to kernel pool memory disclosure or denial of service. Under certain circumstances, memory corruption could also be possible.
concrete5 8.1.0 Host Header Injection
concrete5 version 8.1.0 suffers from a host header injection vulnerability.
Agorum Core Pro 7.8.1.4-251 XXE Injection
Agorum Core Pro version 7.8.1.4-251 suffers from an XML external entity injection vulnerability.
Agorum Core Pro 7.8.1.4-251 Cross Site Scripting
Agorum Core Pro version 7.8.1.4-251 suffers from a reflective cross site scripting vulnerability.
AlienVault USM/OSSIM 5.3.4 / 5.3.5 Remote Command Execution
This Metasploit module exploits an unauthenticated command injection in Alienvault USM/OSSIM versions 5.3.4 and 5.3.5. The vulnerability lies in an API function that does not check for authentication and then passes user input directly to a system call as root.