246 matches found
RLSA-2024:1822 Moderate: java-11-openjdk security update
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixes: OpenJDK: long Exception message leading to crash 8319851 CVE-2024-21011 OpenJDK: integer overflow in C1 compiler address generation 8322122 CVE-2024-21068...
RHEL 7 : java-11-openjdk (RHSA-2024:1821)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1821 advisory. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixe...
RHEL 9 : OpenShift Container Platform 4.13.3 (RHSA-2023:3540)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3540 advisory. Red Hat build of MicroShift is Red Hat's light-weight Kubernetes orchestration solution designed for edge device deployments and is built fr...
The vulnerability of the h.265 Libde265 implementation lies in buffer overflow attacks, which allow attackers to cause service failures.
The vulnerability of the h.265 Libde265 implementation is related to the amount of memory allocated, which exceeds the maximum supported size of 0x10000000000. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...
Denial Of Service (DOS)
github.com/sigstore/cosign is vulnerable to a Denial of Service DoS. The vulnerability is due to allocating excessive memory when creating slices based on the number of signatures, manifests, or attestations in untrusted artifacts. This flaw allows an attacker to trigger a Denial of Service via...
CLSA-2023-1696877581 binutils: Fix of 9 CVEs
CVE-2017-16831: Fix excessive memory allocation attempts and possible integer overflows when attempting to read a COFF binary with a corrupt symbol count - CVE-2020-19726: Fix parsing a corrupt PE format file - CVE-2021-45078: Fix out-of-bounds write in stabxcoffbuiltintype - CVE-2021-46174: Fix...
Oracle Linux 8 : exiv2 (ELSA-2020-1577)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1577 advisory. exiv2 0.27.2-5 - Fix failing test Resolves: bz1800472 0.27.2-4 - Drop test for the previous CVE as we test it manually and we dont have POC available...
CVE-2023-24534 Excessive memory allocation in net/http and net/textproto
HTTP and MIME header parsing can allocate large amounts of memory, even when parsing small inputs, potentially leading to a denial of service. Certain unusual patterns of input data can cause the common function used to parse HTTP and MIME headers to allocate substantially more memory than requir...
SUSE-SU-2023:1792-1 Security update for go1.19
This update for go1.19 fixes the following issues: Update to 1.19.8 CVE-2023-24534: security: net/http, net/textproto: denial of service from excessive memory allocation bsc1210127 CVE-2023-24536: security: net/http, net/textproto, mime/multipart: denial of service from excessive resource...
SUSE CVE-2019-6988
An issue was discovered in OpenJPEG 2.3.0. It allows remote attackers to cause a denial of service attempted excessive memory allocation in opjcalloc in openjp2/opjmalloc.c, when called from opjtcdinittile in openjp2/tcd.c, as demonstrated by the 64-bit opjdecompress...
NewStart CGSL MAIN 6.02 : libwebp Multiple Vulnerabilities (NS-SA-2022-0091)
The remote NewStart CGSL host, running version MAIN 6.02, has libwebp packages installed that are affected by multiple vulnerabilities: - A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE16. CVE-2018-25009 - A heap-based buffer overflow was found in libwebp in...
java security update
CentOS Errata and Security Advisory CESA-2022:7008 An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
ALSA-2022:7013 Moderate: java-11-openjdk security and bug fix update
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixes: OpenJDK: improper MultiByte conversion can lead to buffer overflow JGSS, 8286077 CVE-2022-21618 OpenJDK: excessive memory allocation in X.509 certificate...
Moderate: Red Hat Security Advisory: java-17-openjdk security update
An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Moderate: Red Hat Security Advisory: java-11-openjdk security update
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...
Moderate: java-1.8.0-openjdk security update
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: OpenJDK: excessive memory allocation in X.509 certificate parsing Security, 8286533 CVE-2022-21626 OpenJDK: HttpServer no connection count limit...
RHEL 8 : java-11-openjdk (RHSA-2022:7010)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7010 advisory. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixe...
PT-2022-23166 · Unknown · Github.Com/Gagliardetto/Binary
Name of the Vulnerable Software and Affected Versions: github.com/gagliardetto/binary versions prior to v0.7.1 Description: The issue is a memory allocation vulnerability that can be exploited to allocate slices in memory with excessive size values, potentially exhausting available memory or...
CVE-2022-38155
TEEMalloc in Samsung mTower through 0.3.0 allows a trusted application to achieve Excessive Memory Allocation via a large len value, as demonstrated by a Numaker-PFM-M2351 TEE kernel crash...
Design/Logic Flaw
TEEMalloc in Samsung mTower through 0.3.0 allows a trusted application to achieve Excessive Memory Allocation via a large len value, as demonstrated by a Numaker-PFM-M2351 TEE kernel crash...