Posted by Ron E on Jan 05

A stack-based buffer overflow vulnerability exists in the Panda3D egg-mkfont utility due to the use of an unbounded sprintf() call with attacker-controlled input. By supplying an excessively long glyph pattern string via the -gp command-line option, an attacker can trigger a stack buffer overflow, resulting in a … Read More “Panda3d v1.10.16 egg-mkfont Stack Buffer Overflow – Full Disclosure” »
Category: Alert Feeds
Posted by Yuffie Kisaragi via Fulldisclosure on Jan 05

UPDATE: Following the publication of these vulnerabilities and the subsequent CVE assignments, the CVE identifiers have now been revoked. The vendor (EQS Group) contacted the CVE Program (via a CNA) and disputed the records, stating that the affected product is an exclusively hosted SaaS platform with … Read More “Multiple Security Misconfigurations and Customer Enumeration Exposure in Convercent Whistleblowing Platform (EQS Group) – Full Disclosure” »