1026 matches found
AZL-43666 CVE-2022-31650 affecting package sox 14.4.2.0-34
In SoX 14.4.2, there is a floating-point exception in lsxaiffstartwrite in aiff.c in libsox.a...
GHSA-GJJX-GQM4-WCGM Uncontrolled Resource Consumption in Undertow
It was found that URLResource.getLastModified in Undertow closes the file descriptors only when they are finalized which can cause file descriptors to exhaust. This leads to a file handler leak...
Uncontrolled Resource Consumption in Undertow
It was found that URLResource.getLastModified in Undertow closes the file descriptors only when they are finalized which can cause file descriptors to exhaust. This leads to a file handler leak...
kernel: cgroup: Use open-time creds and namespace for migration perm checks
An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1...
Denial Of Service (DoS)
LibTIFF is vulnerable to denial of service. The vulnerability exists due to a lack of sanitization via the TIFF File Handler of tiff2ps allowing an attacker to crash the system...
DEBIAN-CVE-2022-1210
A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious file leads to a denial of service. The attack can be launched remotely but requires user interaction. The exploit has been disclosed to the...
CVE-2022-1210
A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious file leads to a denial of service. The attack can be launched remotely but requires user interaction. The exploit has been disclosed to the...
AZL-9302 CVE-2022-1210 affecting package libtiff for versions less than 4.4.0-1
A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious file leads to a denial of service. The attack can be launched remotely but requires user interaction. The exploit has been disclosed to the...
CVE-2022-1210
A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious file leads to a denial of service. The attack can be launched remotely but requires user interaction. The exploit has been disclosed to the...
Design/Logic Flaw
A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious file leads to a denial of service. The attack can be launched remotely but requires user interaction. The exploit has been disclosed to the...
UBUNTU-CVE-2022-1210
A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious file leads to a denial of service. The attack can be launched remotely but requires user interaction. The exploit has been disclosed to the...
CVE-2022-1210 LibTIFF tiff2ps resource consumption
A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious file leads to a denial of service. The attack can be launched remotely but requires user interaction. The exploit has been disclosed to the...
CVE-2022-1210
CVE-2022-1210 affects LibTIFF 4.3.0, specifically the TIFF File Handler in tiff2ps. Opening a malicious TIFF can cause a denial of service; the vulnerability is remotely exploitable but requires user interaction. The exploit has been disclosed publicly. The connected documents confirm the affecte...
An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system.
...
CVE-2021-4197
An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1...
DEBIAN-CVE-2022-26520
In pgjdbc before 42.3.3, an attacker who controls the jdbc URL or properties can call java.util.logging.FileHandler to write to arbitrary files through the loggerFile and loggerLevel connection properties. An example situation is that an attacker could create an executable JSP file under a Tomcat...
Directory Traversal
convert-svg-core, convert-svg-to-png and convert-svg-to-jpeg are vulnerable to directory traversal. The vulnerability exists because of the code of the component SVG File Handler which allows an attacker to read arbitrary files from the file system and then show the file content using a specially...
Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.15.15 and fixes at least the following security issues: A data leak flaw was found in the way XFSIOCALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS...
CVE-2021-4197
An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1...
Denial Of Service (DoS) Through Heap Buffer Overflow
libheif.so is vulnerable to denial of service through heap-based buffer overflow attacks. The vulnerability exists in 'convertcolorspace' in 'heifcolorconversion.cc' of the heif file handler. A malicious attacker is able to send a crafted HEIF to gain sensitive information and cause an applicatio...