17 matches found
CVE-2024-57890
In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Prevent integer overflow issue. In the expression "cmd.wqe_size * cmd.wr_count", both variables are u32 values that come from the user so the multiplication can lead to integer wrapping. Then we pass the result to...
Microsoft SQL Server Security Vulnerability
Microsoft SQL Server is a large commercial database system from Microsoft Corporation USA that is used under Microsoft Windows. A security vulnerability exists in Microsoft SQL Server. An attacker exploiting this vulnerability could remotely execute code. The following products and editions are...
CVE-2020-10543
Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow. An application written in Perl would only be vulnerable to this flaw if it evaluates regular expressions supplied by the attacker. Evaluating regular...
Privilege Escalation in PAN-OS
Palo Alto Networks is aware of an integer overflow vulnerability in the Linux kernel's create_elf_tables function (Ref PAN-105966, CVE-2018-14634). Successful exploitation of this issue may allow an unprivileged local user to escalate their privileges on the system. To successfully exploit this...
Transmission - Integer Overflows Parsing Torrent Files
Transmission - Integer Overflows Parsing Torrent Files I took a look at torrent file parsing in libtransmission, there are a few integer overflows because the tr_new/tr_new0 allocation wrappers don't handle overflow. #define tr_new(struct_type, n_structs) \ ((struct_type *) tr_malloc (sizeof (struct_type)...
Ubuntu 9.10 : linux, linux-ec2 vulnerabilities (USN-1073-1)
Gleb Napatov discovered that KVM did not correctly check certain privileged operations. A local attacker with access to a guest kernel could exploit this to crash the host system, leading to a denial of service. CVE-2010-0435 Dan Jacobson discovered that ThinkPad video output was not correctly...
Ubuntu 8.10 : fglrx-installer vulnerability (USN-721-1)
Marko Lindqvist discovered that the fglrx installer created an unsafe LD_LIBRARY_PATH on 64bit systems. If a user were tricked into downloading specially crafted libraries and running commands in the same directory, a remote attacker could execute arbitrary code with user privileges. Note that...
Mandriva Update for libneon0.26 MDKSA-2007:013 (libneon0.26)
Check for the Version of libneon0.26 OpenVAS Vulnerability Test Mandriva Update for libneon0.26 MDKSA-2007:013 libneon0.26 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
Mandriva Update for libneon0.26 MDKSA-2007:013 (libneon0.26)
Check for the Version of libneon0.26 OpenVAS Vulnerability Test Mandriva Update for libneon0.26 MDKSA-2007:013 libneon0.26 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
USN-721-1: fglrx-installer vulnerability
Marko Lindqvist discovered that the fglrx installer created an unsafe LD_LIBRARY_PATH on 64bit systems. If a user were tricked into downloading specially crafted libraries and running commands in the same directory, a remote attacker could execute arbitrary code with user privileges...
SuSE 10 Security Update : imlib2-loaders (ZYPP Patch Number 2245)
Various security problems have been fixed in the imlib2 image loaders : - A stack-based buffer overflow in loader_pnm.c could be used by attackers to execute code by supplying a handcrafted PNM image. CVE-2006-4809 - A heap buffer overflow in loader_tga.c could potentially be used by attackers to...
SuSE 10 Security Update : imlib2-loaders (ZYPP Patch Number 2261)
Various security problems have been fixed in the imlib2 image loaders : - A stack-based buffer overflow in loader_pnm.c could be used by attackers to execute code by supplying a handcrafted PNM image. CVE-2006-4809 - A heap buffer overflow in loader_tga.c could potentially be used by attackers to...
openSUSE 10 Security Update : imlib2-loaders (imlib2-loaders-2265)
Various security problems have been fixed in the imlib2 image loaders : CVE-2006-4809: A stack-based buffer overflow in loader_pnm.c could be used by attackers to execute code by supplying a handcrafted PNM image. CVE-2006-4808: A heap buffer overflow in loader_tga.c could potentially be used by...
Mandrake Linux Security Advisory : libneon0.26 (MDKSA-2007:013)
An array index error in the URI parser in neon 0.26.0 to 0.26.2 could possibly allow remote malicious servers to cause a crash via a URI with non-ASCII characters. This vulnerability may only exist on 64bit systems. Updated packages are patched to address this issue.
PHP 4.4.4 and PHP 5.1.5 Released
PHP 4.4.4 and PHP 5.1.5 Released 17-Aug-2006 The PHP development team would like to announce the immediate availability of PHP 5.1.5 and 4.4.4. These two releases address a series of security problems that were discovered since the release of PHP 5.1.4 and 4.4.3. The new releases include the...
FreeBSD : up-imapproxy -- multiple vulnerabilities (927743d4-5ca9-11d9-a9e7-0001020eed82)
Timo Sirainen reports : There are various bugs in up-imapproxy which can crash it. Since up-imapproxy runs in a single process with each connection handled in a separate thread, any crash kills all the connections and stops listening for new ones. In 64bit systems it might be possible to make it...
Security Update for Windows XP for x64-based Systems (KB4012583)
Security Update for Windows XP for x64-based Systems KB4012583...