888 matches found
GHSA-JH75-99HH-QVX9 Django memory consumption vulnerability
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter is subject to significant memory consumption when given a string representation of a number in scientific notation with a large exponent...
PYSEC-2024-67
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter is subject to significant memory consumption when given a string representation of a number in scientific notation with a large exponent...
PYSEC-2024-67
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter is subject to significant memory consumption when given a string representation of a number in scientific notation with a large exponent...
Django 安全漏洞
Django is a set of open source web application frameworks based on the Python language from the Django Foundation. The framework includes an object-oriented mapper, view system, template system, and more. A security vulnerability exists in Django versions prior to 5.0 through 5.0.8 and 4.2 throug...
UBUNTU-CVE-2024-41989
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter is subject to significant memory consumption when given a string representation of a number in scientific notation with a large exponent...
OpenSSL 0.9.7 < 0.9.7k Vulnerability
The version of OpenSSL installed on the remote host is prior to 0.9.7k. It is, therefore, affected by a vulnerability as referenced in the 0.9.7k advisory. - OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before...
CVE-2023-52810
In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Add check for negative dbl2nbperpage l2nbperpage is log2number of blks per page, and the minimum legal value should be 0, not negative. In the case of l2nbperpage being negative, an error will occur when subsequently used...
CVE-2023-52810
In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Add check for negative dbl2nbperpage l2nbperpage is log2number of blks per page, and the minimum legal value should be 0, not negative. In the case of l2nbperpage being negative, an error will occur when subsequently used...
UBUNTU-CVE-2023-52816
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix shift out-of-bounds issue 567.613292 shift exponent 255 is too large for 64-bit type 'long unsigned int' 567.614498 CPU: 5 PID: 238 Comm: kworker/5:1 Tainted: G OE 6.2.0-34-generic 3422.04.1-Ubuntu 567.614502...
CVE-2023-52810
In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Add check for negative dbl2nbperpage l2nbperpage is log2number of blks per page, and the minimum legal value should be 0, not negative. In the case of l2nbperpage being negative, an error will occur when subsequently used...
CVE-2023-52810 fs/jfs: Add check for negative db_l2nbperpage
In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Add check for negative dbl2nbperpage l2nbperpage is log2number of blks per page, and the minimum legal value should be 0, not negative. In the case of l2nbperpage being negative, an error will occur when subsequently used...
The vulnerability of the rsa_check_exponent_fips() function in the crypto/rsa.c module of the Linux operating system’s RSA implementation allows a hacker to compromise the accessibility of the protected information.
The vulnerability of the rsacheckexponentfips function in the crypto/rsa.c module of the Linux operating system’s RSA implementation is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to compromise the accessibility of the protected information...
DEBIAN-CVE-2021-47044
In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix shift-out-of-bounds in loadbalance Syzbot reported a handful of occurrences where an sd-nrbalancefailed can grow to much higher values than one would expect. A successful loadbalance resets it to 0; a failed one...
UBUNTU-CVE-2021-47044
In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix shift-out-of-bounds in loadbalance Syzbot reported a handful of occurrences where an sd-nrbalancefailed can grow to much higher values than one would expect. A successful loadbalance resets it to 0; a failed one...
CLSA-2023-1698945053 libgcrypt: Fix of 4 CVEs
CVE-2013-4576: Normalize the MPIs to prevent possible side-channel attacks - CVE-2014-3591: Use ciphertext blinding for Elgamal to prevent possible side-channel attacks - CVE-2021-33560: Use of smaller K for ephemeral key in ElGamal prevent generation of weak keys - CVE-2021-40528: Add exponent...
Buffer Overflow
libmujs.so is vulnerable to Buffer Overflows. The vulnerability exists in jsstrtod function of jsdtoa.c when jsstrtod reads in floating point exponent which allows an attacker to cause a buffer overflow which leads to an application crash...
SUSE CVE-2021-33797
Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1. An integer overflow happens when jsstrtod reads in floating point exponent, which leads to a buffer overflow in the pointer d...
CVE-2021-33797
Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1. An integer overflow happens when jsstrtod reads in floating point exponent, which leads to a buffer overflow in the pointer d...
DEBIAN-CVE-2021-33797
Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1. An integer overflow happens when jsstrtod reads in floating point exponent, which leads to a buffer overflow in the pointer d...
CVE-2021-33797
Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1. An integer overflow happens when jsstrtod reads in floating point exponent, which leads to a buffer overflow in the pointer d...