86 matches found
Debian: Security Advisory (DLA-4459-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Debian dla-4459 : libmatio-dev - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4459 advisory. Debian LTS Advisory DLA-4459-1...
Security update for matio (important)
openSUSE security update: security update for matio. Announcement ID: openSUSE-SU-2026:20022-1; Rating: important; References: bsc1239677, bsc1239678; Cross-References: CVE-2025-2337, CVE-2025-2338; Affected Products: openSUSE Leap 16.0...
CVE-2019-2338
Crafted image that has a valid signature from a non-QC entity can be loaded which can read/write memory that belongs to the secure world in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired...
HP Integrated Lights-Out Remote Code Execution (CVE-2013-2338)
Unspecified vulnerability on HP Integrated Lights-Out 3 (aka iLO3) cards with firmware before 1.57 and 4 (aka iLO4) cards with firmware before 1.22, when Single-Sign-On (SSO) is used, allows remote attackers to execute arbitrary code via unknown vectors. This plugin only works with Tenable.ot. Please...
Huawei EulerOS: Security Advisory for openjpeg2 (EulerOS-SA-2025-2338)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CLSA-2025-1757699919 ruby: Fix of CVE-2016-2338
CVE-2016-2338: fix heap overflow vulnerability in start_document function...
Medium: ruby
Issue Overview: An exploitable heap overflow vulnerability exists in the Psych::Emitter start_document function of Ruby. In Psych::Emitter start_document function heap buffer "head" allocation is made based on tags array length. Specially constructed object passed as element of tags array can...
CVE-2012-2338
SQL injection vulnerability in includes/picture.class.php in Galette 0.63, 0.63.1, 0.63.2, 0.63.3, and 0.64rc1 allows remote attackers to execute arbitrary SQL commands via the id_adh parameter to picture.php...
CVE-2002-2338
The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message...
CVE-2025-2338
A vulnerability, which was classified as critical, was found in tbeu matio 1.5.28. Affected is the function strdup_vprintf of the file src/io.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may ...
CVE-2025-2338
CVE-2025-2338 affects libmatio 1.5.28 (tbeu/matio). The vulnerability is a heap-based buffer overflow in strdup_vprintf (src/io.c) that can be exploited remotely. Connected advisories confirm the issue in libmatio and cite remote DoS and potential remote code execution when handling user-supplied...
CVE-2025-2338 tbeu matio io.c strdup_vprintf heap-based overflow
A vulnerability, which was classified as critical, was found in tbeu matio 1.5.28. Affected is the function strdup_vprintf of the file src/io.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may ...
RHEL 7 : ruby (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ruby: Fiddle::Function.new heap buffer overflow (CVE-2016-2339) - Type confusion exists in _cancel_eval Ruby'...
CVE-2024-2338
creationtimestamp | type | source
---|---|---
2024-03-08 21:27:00+00:00 | seen | https://t.me/ctinow/203590
2024-03-08 21:27:03+00:00 | seen | https://t.me/ctinow/203593
...
CVE-2024-2338 SQL Injection in PostgreSQL Anonymizer 1.2 allows table owner to gain superuser privileges via masking rule
PostgreSQL Anonymizer v1.2 contains a SQL injection vulnerability that allows a user who owns a table to elevate to superuser when dynamic masking is enabled. PostgreSQL Anonymizer enables users to set security labels on tables to mask specified columns. There is a flaw that allows complex...
Amazon Linux 2 : vim (ALAS-2023-2338)
It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2338 advisory. Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function ga_grow_inner in the file src/alloc.c at line 748, which is freed in the file...
hofapotheke-wuerzburg.de Improper Access Control vulnerability OBB-3767500
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2023-2338
The CVE-2023-2338 entry affects pimcore/pimcore versions prior to 10.5.21. The vulnerability is a SQL Injection in the AssetController caused by unsanitized string concatenation in a where clause, enabling an attacker to dump/alter data or cause DoS on the backend database. Remediation: upgrade t...