23182 matches found
SUSE CVE-2024-47600
GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been detected in the formatchannelmask function in gst-discoverer.c. The vulnerability affects the local array position, which is defined with a fixed size of 64 elements. However, the...
The vulnerability of the SAP NetWeaver AS for Java software platform, related to the leakage of information about files and directories, allows attackers to circumvent existing security restrictions.
The vulnerability of the SAP NetWeaver AS for Java software platform is related to the leakage of information about files and directories. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions by using specially created PDF files...
CBL Mariner 2.0 Security Update: kernel (CVE-2024-49895)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49895 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index out of bounds...
org.http4k:http4k (>=4.3.3.0 <=4.3.4.1) potentially affected by CVE-2024-55875 via org.http4k:http4k-format-xml (>=4.3.3.0 <=4.3.4.1)
org.http4k:http4k-format-xml MAVEN version =4.3.3.0, =4.3.3.0, =4.3.4.1 Source cves: CVE-2024-55875 Source advisory: OSV:GHSA-7MJ5-HJJJ-8RGW...
AZL-62396 CVE-2024-47600 affecting package gstreamer1 1.20.0-2
GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been detected in the formatchannelmask function in gst-discoverer.c. The vulnerability affects the local array position, which is defined with a fixed size of 64 elements. However, the...
AZL-54359 CVE-2024-47600 affecting package gstreamer1-plugins-base 1.20.0-3
GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been detected in the formatchannelmask function in gst-discoverer.c. The vulnerability affects the local array position, which is defined with a fixed size of 64 elements. However, the...
ALPINE-CVE-2024-47600
GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been detected in the formatchannelmask function in gst-discoverer.c. The vulnerability affects the local array position, which is defined with a fixed size of 64 elements. However, the...
AZL-54294 CVE-2024-47600 affecting package gstreamer1-plugins-base 1.20.0-3
GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been detected in the formatchannelmask function in gst-discoverer.c. The vulnerability affects the local array position, which is defined with a fixed size of 64 elements. However, the...
Important: ghostscript
Issue Overview: PS interpreter - check the type of the Pattern Implementation NOTE: https://bugs.ghostscript.com/showbug.cgi?id=707991 NOTE: https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=f49812186baa7d1362880673408a6fbe8719b4f8 NOTE:...
UBUNTU-CVE-2024-47600
GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been detected in the formatchannelmask function in gst-discoverer.c. The vulnerability affects the local array position, which is defined with a fixed size of 64 elements. However, the...
Important: ghostscript
Issue Overview: PS interpreter - check the type of the Pattern Implementation NOTE: https://bugs.ghostscript.com/showbug.cgi?id=707991 NOTE: https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=f49812186baa7d1362880673408a6fbe8719b4f8 NOTE:...
CVE-2022-48063
...
php: Password_verify() always return true with some hash
A vulnerability was found in PHP. This security flaw occurs when malformatted BCrypt hashes that include a $ within their salt part trigger a buffer overread and may erroneously validate any password as valid...
kernel: s390/dasd: fix error recovery leading to data corruption on ESE devices
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fix error recovery leading to data corruption on ESE devices Extent Space Efficient ESE or thin provisioned volumes need to be formatted on demand during usual IO processing. The dasdeseneedsformat function checks for...
GStreamer 缓冲区错误漏洞
GStreamer is an open source set of frameworks for processing streaming media from GStreamer. GStreamer suffers from a buffer error vulnerability that stems from the detection of an out-of-bounds read vulnerability in the formatchannelmask function in gst-discoverer.c. The vulnerability is caused ...
UBUNTU-CVE-2024-46657
Artifex Software mupdf v1.24.9 was discovered to contain a segmentation fault via the component /tools/pdfextract.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted PDF file...
WordPress ImageRecycle pdf & image compression plugin <= 3.1.16 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by thiennv Patchstack Alliance in WordPress Plugin ImageRecycle pdf & image compression versions = 3.1.16...
Advisory ROSA-SA-2024-2541
software: tcl 8.6.13 WASP: ROSA-CHROME packageevrstring: tcl-8.6.13-1 CVE-ID: CVE-2021-35331 BDU-ID: 2022-01774 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the nmakehlp.c component of the Tcl programming language is related to insufficient format string handling. Exploitation of the...
SUSE CVE-2024-53589
GNU objdump 2.43 is vulnerable to Buffer Overflow in the BFD Binary File Descriptor library's handling of tekhex format files...
GeoServer < 2.23.4 Multiples Vulnerabilities
According to its banner, the version of GeoServer running on the remote host is prior to 2.23.5 or 2.24.0 prior to 2.24.2. It is, therefore, affected by Multiples Vulnerabilities : - An Arbitrary file upload vulnerability in REST Coverage Store API - A Stored Cross-Site Scripting XSS vulnerabilit...