Astra Linux - уязвимость в linux

A issue was discovered in the Linux kernel through version 5.11.6. The fastrpcinternalinvoke function in drivers/misc/fastrpc.c does not prevent user applications from sending kernel RPC messages, also known as CID-20c40794eb85. This is a related issue to CVE-2019-2308...

OESA-2026-2186 hdf5 security update

HDF5 is a data model, library, and file format for storing and managing data. It supports an unlimited variety of datatypes, and is designed for flexible and efficient I/O and for high volume and complex data. HDF5 is portable and is extensible, allowing applications to evolve in their use of HDF...

CVE-2019-2308

User application could potentially make RPC call to the fastrpc driver and the driver will allow the message to go through to the remote subsystem in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150,...

EUVD-2021-15058

Malware in sbrugna...

CVE-2013-2308

The 1 OWA Helper and 2 OSG Lite programs in SoftBank Online Service Gate allow remote authenticated users to discover their own passwords, and consequently bypass an Office 365 restriction, via unspecified vectors...

CVE-2005-2308

The JPEG decoder in Microsoft Internet Explorer allows remote attackers to cause a denial of service CPU consumption or crash and possibly execute arbitrary code via certain crafted JPEG images, as demonstrated using 1 movfencepost.jpg, 2 cmpfencepost.jpg, 3 oomdos.jpg, or 4 random.jpg...

AZL-58815 CVE-2025-2308 affecting package hdf5 1.14.6-1

A vulnerability, which was classified as critical, was found in HDF5 1.14.6. This affects the function H5Zscaleoffsetdecompressonebyte of the component Scale-Offset Filter. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed...

CVE-2025-2308

A vulnerability, which was classified as critical, was found in HDF5 1.14.6. This affects the function H5Zscaleoffsetdecompressonebyte of the component Scale-Offset Filter. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed...

CVE-2025-2308

creationtimestamp| type| source ---|---|--- 2025-03-14 20:48:28+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/7640 2025-03-14 23:24:23+00:00| seen| https://t.me/cvedetector/20342 2025-03-15 00:51:34+00:00| seen|...

CVE-2025-2308

CVE-2025-2308 affects HDF5 1.14.6, specifically the H5Z__scaleoffset_decompress_one_byte function in the Scale-Offset Filter. The cited issue is a heap-based buffer overflow exploitable via local access; disclosure indicates public exploits and local attack requirements. Several trusted sources (...

CVE-2025-2308 HDF5 Scale-Offset Filter H5Z__scaleoffset_decompress_one_byte heap-based overflow

A vulnerability, which was classified as critical, was found in HDF5 1.14.6. This affects the function H5Zscaleoffsetdecompressonebyte of the component Scale-Offset Filter. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed...

Linux Distros Unpatched Vulnerability : CVE-2022-2308

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in vDPA with VDUSE backend. There are currently no checks in VDUSE kernel driver to ensure the size of the device config space is in line with...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-2308)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2024:2308-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

WordPress ElementInvader Addons for Elementor Plugin <= 1.2.2 is vulnerable to Cross Site Scripting (XSS)

Software ElementInvader Addons for Elementor Type Plugin Vulnerable versions = 1.2.2 Fixed in 1.2.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2308 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID d954e51f317d Credits...

CVE-2024-2308

The ElementInvader Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the button link in the EliSlider in all versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers...

Malicious code in wlwz-2312-2308 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2833c9a7a9cd4269972eda510a813f41a26073b52a5685e5fa5ac738c9cbc504 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-385 Malicious code in wlwz-2312-2308 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2833c9a7a9cd4269972eda510a813f41a26073b52a5685e5fa5ac738c9cbc504 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Amazon Linux 2 : ghostscript (ALAS-2023-2308)

The version of ghostscript installed on the remote host is prior to 9.25-5. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2308 advisory. A buffer overflow vulnerability in epscprintpage in devices/gdevepsc.c of Artifex Software GhostScript v9.50 allows a...

Oracle Linux 7 : libguestfs-winsupport (ELSA-2019-2308)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2019-2308 advisory. 7.2-3 - Fix for CVE-2019-9755 heap-based buffer overflow leads to local root privilege escalation resolves: rhbz1698502 Tenable has extracted the preceding...