18 matches found
WordPress Geo Mashup plugin <= 1.13.15 - Unauthenticated Reflected Cross-Site Scripting vulnerability
Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Geo Mashup versions = 1.13.15...
CVE-2024-32972
go-ethereum geth is a golang execution layer implementation of the Ethereum protocol. Prior to 1.13.15, a vulnerable node can be made to consume very large amounts of memory when handling specially crafted p2p messages sent from an attacker node. The fix has been included in geth version 1.13.15...
CVE-2024-32972 go-ethereum denial of service via malicious p2p message
go-ethereum geth is a golang execution layer implementation of the Ethereum protocol. Prior to 1.13.15, a vulnerable node can be made to consume very large amounts of memory when handling specially crafted p2p messages sent from an attacker node. The fix has been included in geth version 1.13.15...
CVE-2024-32972 go-ethereum denial of service via malicious p2p message
go-ethereum geth is a golang execution layer implementation of the Ethereum protocol. Prior to 1.13.15, a vulnerable node can be made to consume very large amounts of memory when handling specially crafted p2p messages sent from an attacker node. The fix has been included in geth version 1.13.15...
CVE-2024-32972
CVE-2024-32972 affects go-ethereum (geth). A vulnerable node can be forced to consume excessive memory by processing specially crafted p2p messages, triggering a denial of service. The underlying issue is related to handling certain p2p requests (notably a GetBlockHeadersRequest with crafted valu...
Ethereum Go-ethereum 安全漏洞
Ethereum Go-ethereum is a codebase from the Ethereum community that implements the Ethereum protocol in the Go language. A security vulnerability exists in Ethereum Go-ethereum versions prior to 1.13.15, which stems from a vulnerable node that may consume a large amount of memory when processing...
PT-2024-25019 · Unknown · Go-Ethereum
Name of the Vulnerable Software and Affected Versions: go-ethereum geth versions prior to 1.13.15 Description: A vulnerable node can be made to consume very large amounts of memory when handling specially crafted p2p messages sent from an attacker node, potentially resulting in a denial of servic...
SUSE CVE-2023-32307
Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. Referring to GHSA-8599-x7rq-fr54, several other potential heap-over-flow and integer-overflow in stunparseattrerrorcode and stunparseattruint32 were found because the lack of attributes length check...
DEBIAN-CVE-2023-32307
Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. Referring to GHSA-8599-x7rq-fr54, several other potential heap-over-flow and integer-overflow in stunparseattrerrorcode and stunparseattruint32 were found because the lack of attributes length check...
Integer overflow
Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. Referring to GHSA-8599-x7rq-fr54, several other potential heap-over-flow and integer-overflow in stunparseattrerrorcode and stunparseattruint32 were found because the lack of attributes length check...
UBUNTU-CVE-2023-32307
Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. Referring to GHSA-8599-x7rq-fr54, several other potential heap-over-flow and integer-overflow in stunparseattrerrorcode and stunparseattruint32 were found because the lack of attributes length check...
PT-2023-23716 · Sofia-Sip +3 · Sofia-Sip +3
Name of the Vulnerable Software and Affected Versions: Sofia-SIP versions prior to 1.13.15 Description: Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. Several potential heap-over-flow and integer-overflow vulnerabilities were found in stun parse...
go-toolset:ol8 security update
golang 1.13.15-1 - Rebase to 1.13.15 - Related: rhbz1865875 - Related: rhbz1865873 go-toolset 1.13.15-1 - Rebase to 1.13.15 - Related: rhbz1865875 - Related: rhbz1865873...
[SECURITY] Fedora 31 Update: golang-1.13.15-1.fc31
The Go Programming Language...
Updated golang packages fix security vulnerability
Servers where the Handler concurrently reads the request body and writes a response can encounter a data race and crash. The httputil.ReverseProxy Handler is affected CVE-2020-15586. Certain invalid inputs to ReadUvarint or ReadVarint could cause those functions to read an unlimited number of byt...
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.
...
AZL-79098 CVE-2020-16845 affecting package golang 1.25.7-1
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs...
CVE-2020-16845
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs...