K17330: GnuTLS vulnerability CVE-2015-3308
Security Advisory Description: Double free vulnerability in lib/x509/x509_ext.c in GnuTLS before 3.3.14 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted CRL distribution point (CVE-2015-3308). Impact: A remote attacker may be able to cause a...
Moderate: python-setuptools security update
The python-setuptools package provides a collection of enhancements to Python distribution utilities allowing convenient building and distribution of Python packages. Security Fixes: pypa-setuptools: Regular Expression Denial of Service (ReDoS) in package_index.py (CVE-2022-40897). For more details abo...
_distributeProfit will use the stale globalIC.swingTraderCollateralDeficit()/swingTraderCollateralRatio(), which will result in incorrect profit distribution
Lines of code. Vulnerability details. Impact: The distributeProfit called by handleProfit will use globalIC.swingTraderCollateralDeficit/swingTraderCollateralRatio when distributing profits, and the latest globalIC.swingTraderCollateralDeficit/swingTraderCollateralRatio needs to be used to ensure th...
CVE-2022-26032
Uncontrolled search path element in the Intel(R) Distribution for Python programming language before version 2022.1 for Intel(R) oneAPI Toolkits may allow an authenticated user to potentially enable escalation of privilege via local access...
Intel Distribution for Python code issue vulnerability
Intel Distribution for Python is an Intel(R) distribution of Python optimized for Intel hardware. A security vulnerability exists in the Intel Distribution for Python programming language prior to version 2022.1, which stems from an uncontrolled search path element in the Intel(R) oneAPI toolkit, whi...
sellMalt has a calculation error that can lead to excessive profits
Lines of code. Vulnerability details. Impact: SwingTraderManager.sellMalt will call SwingTrader.sellMalt to sell the Malt purchased earlier and give the profit to profitDistributor to distribute. uint256 basis, = costBasis; if maxAmount totalMaltBalance maxAmount = totalMaltBalance;...
PT-2023-12852 · Intel · Intel Distribution For Python
Name of the Vulnerable Software and Affected Versions: Intel(R) Distribution for Python versions prior to 2022.1 for Intel(R) oneAPI Toolkits. Description: The issue is related to an uncontrolled search path element in the Intel(R) Distribution for Python programming language, which may allow an...
Rocky Linux 8 : container-tools:rhel8 (RLSA-2022:7457)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:7457 advisory. - runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 whe...
SUSE CVE-2005-0488
Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command...
SUSE CVE-2005-1174
MIT Kerberos 5 (krb5) 1.3 through 1.4.1 Key Distribution Center (KDC) allows remote attackers to cause a denial of service (application crash) via a certain valid TCP connection that causes a free of unallocated memory...
SUSE CVE-2005-1175
Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a certain valid TCP or UDP request...
SUSE CVE-2005-1279
tcpdump 3.8.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted (1) BGP packet, which is not properly handled by RT_ROUTING_INFO, or (2) LDP packet, which is not properly handled by the ldp_print function...
SUSE CVE-2009-3295
The prep_reprocess_req function in kdc/do_tgs_req.c in the cross-realm referral implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a ticket request...
SUSE CVE-2010-1320
Double free vulnerability in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x before 1.8.2 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a request associated with (1) renewal or (2) validation...
SUSE CVE-2010-1322
The merge_authdata function in kdc_authdata.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8.x before 1.8.4 does not properly manage an index into an authorization-data list, which allows remote attackers to cause a denial of service (daemon crash), or possibly obtain sensitive...
SUSE CVE-2010-1323
MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to modify user-visible prompt text, modify a response to a Key Distribution Center (KDC), or forge a KRB-SAFE message via...
SUSE CVE-2011-1529
The lookup_lockout_policy function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the db2 (aka Berkeley DB) or LDAP back end is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via vectors...
SUSE CVE-2011-1530
The process_tgs_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 through 1.9.2 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS request that triggers an error other than the...