CVE-2024-20846

Out-of-bounds write vulnerability while decoding hcr of libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary code...

PT-2024-18755 · Unknown · Libsavsac.So

Name of the Vulnerable Software and Affected Versions: libsavsac.so versions prior to SMR Apr-2024 Release 1 Description: The issue is related to an out-of-bounds write vulnerability while decoding hcr of libsavsac.so. This allows a local attacker to execute arbitrary code. Recommendations: For...

CVE-2024-21453

Transient DOS while decoding message of size that exceeds the available system memory...

CVE-2024-21452

Transient DOS while decoding an ASN.1 OER message containing a SEQUENCE of unknown extensions...

CVE-2024-21454

Vulnerability CVE-2024-21454 affects Automotive Telematics and is described as a transient Denial of Service during decoding of the ToBeSignedMessage. The CVE record notes an underlying issue described as an Integer Overflow to Buffer Overflow in Automotive Telematics. The CVSS score is 7.5 (HIGH...

CVE-2024-21453

CVE-2024-21453: Affects Qualcomm chipsets; a vulnerability in the message decoding path where decoding a message larger than available system memory can cause a transient Denial of Service. The entry cites a network-based attack vector with no user interaction and high impact on availability. Pub...

CVE-2024-21453 Improper Input Validation in Automotive Telematics

Transient DOS while decoding message of size that exceeds the available system memory...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from a denial of service when decoding messages whose size exceeds the available system memory...

PT-2024-18879 · Unknown · Automotive Telematics

Name of the Vulnerable Software and Affected Versions: Automotive Telematics affected versions not specified Description: The issue is related to a transient Denial of Service DOS that occurs while decoding the ToBeSignedMessage in Automotive Telematics. Recommendations: At the moment, there is n...

PT-2024-18878 · Qualcomm · Snapdragon +26

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a transient Denial of Service DOS that occurs when decoding a message of a size that exceeds the available system memory...

squid: Denial of Service in HTTP Chunked Decoding

A flaw was found in Squid. This issue may allow a remote attacker to trigger an uncontrolled recursion bug when sending a specially crafted, chunked, encoded HTTP Message, resulting in a denial of service...

Important: Red Hat Security Advisory: squid security and bug fix update

An update for squid is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

squid: Denial of Service in HTTP Chunked Decoding

A flaw was found in Squid. This issue may allow a remote attacker to trigger an uncontrolled recursion bug when sending a specially crafted, chunked, encoded HTTP Message, resulting in a denial of service...

UBUNTU-CVE-2021-47168

In the Linux kernel, the following vulnerability has been resolved: NFS: fix an incorrect limit in filelayoutdecodelayout The "sizeofstruct nfsfh" is two bytes too large and could lead to memory corruption. It should be NFSMAXFHSIZE because that's the size of the -data buffer. I reversed the size...

squid:4 security update

libecap squid 7:4.15-7.10 - Resolves: RHEL-19551 - squid:4/squid: denial of service in HTTP request parsing CVE-2023-50269 7:4.15-7.9 - Resolves: RHEL-28611 - squid:4/squid: Denial of Service in HTTP Chunked Decoding CVE-2024-25111 7:4.15-7.6 - Resolves: RHEL-26087 - squid:4/squid: denial of...

DEBIAN-CVE-2024-28574

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 r1909 allows a local attacker to cause a denial of service DoS via the opjj2kcopydefaulttcpandcreatetcd function when reading images in J2K format...

squid security update

7:5.5-6.0.1.8 - Rebuild with release bump 7:5.5-6.8 - Resolves: RHEL-19555 - squid: denial of service in HTTP request parsing CVE-2023-50269 7:5.5-6.7 - Resolves: RHEL-28614 - squid: Denial of Service in HTTP Chunked Decoding CVE-2024-25111 7:5.5-6.6 - Resolves: RHEL-26091 - squid: denial of...

squid: Denial of Service in HTTP Chunked Decoding

A flaw was found in Squid. This issue may allow a remote attacker to trigger an uncontrolled recursion bug when sending a specially crafted, chunked, encoded HTTP Message, resulting in a denial of service...

squid: Denial of Service in HTTP Chunked Decoding

A flaw was found in Squid. This issue may allow a remote attacker to trigger an uncontrolled recursion bug when sending a specially crafted, chunked, encoded HTTP Message, resulting in a denial of service...

Important: Red Hat Security Advisory: squid security update

An update for squid is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...