The vulnerability exists due to insufficient validation of user-supplied input within the Ribose RNP library when parsing PKESK/SKESK packets. The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
A remote attacker can trick the victim to visit a specially crafted page, trigger a double free error and execute arbitrary code on the target system.ĬWE-ID: CWE-20 - Improper input validation The vulnerability exists due to a boundary error in libwebp. Successful exploitation of this vulnerability may result in complete compromise of vulnerable system. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system. The vulnerability exists due to a boundary error in the Safe Browsing API. The vulnerability allows a remote attacker to execute arbitrary code on the target system. Is there known malware, which exploits this vulnerability?
SUSE Linux Enterprise Desktop 15: SP4 - SP4 SUSE Linux Enterprise High Performance Computing 15: SP4 - SP4 SUSE Linux Enterprise Server 15: SP4 - SP4 SUSE Linux Enterprise Server for SAP Applications 15: SP4 - SP4 SUSE Linux Enterprise Workstation Extension 15: SP4 - SP4 Update the affected package MozillaThunderbird to the latest version. OCSP revocation status of recipient certificates is not checked when sending S/Mime encrypted email, as a result revoked certificates are accepted. The vulnerability exists due to an error when processing revocation status of S/mime recipient certificates. The vulnerability allows a remote attacker to gain access to sensitive information.
SUSE Linux Enterprise High Performance Computing 15 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Workstation Extension 15
0 kommentar(er)
