769 matches found

SUSE Linux
added 2025/02/03 5:6 p.m. | 1 view

Security update for orc

This update for orc fixes the following issues: CVE-2024-40897: Fixed stack-based buffer overflow in the Orc compiler when formatting error messages for certain input files bsc1228184 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

CVSS 7 | AI score 7.4 | EPSS 0.00379
Exploits 0 | References 4
OSV
added 2025/02/03 8:57 a.m. | 2 views

SUSE-SU-2025:20060-1 Security update for orc

This update for orc fixes the following issues: - CVE-2024-40897: Fixed a stack-based buffer overflow when formatting error messages bsc1228184...

CVSS 7 | AI score 7.6 | EPSS 0.00379
Exploits 0 | References 3
SUSE Linux
added 2025/02/03 8:57 a.m. | 2 views

Security update for orc

This update for orc fixes the following issues: CVE-2024-40897: Fixed a stack-based buffer overflow when formatting error messages bsc1228184 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you c...

CVSS 7 | AI score 7.8 | EPSS 0.00379
Exploits 0 | References 4
BDU FSTEC
added 2025/02/03 12:0 a.m. | 5 views

The vulnerability of the CleanNode() function in the gdoc.c component of the HTML formatting tool allows a hacker to trigger a service failure.

The vulnerability of the CleanNode function in the gdoc.c component of the HTML formatting tool Tidy is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVSS 10 | AI score 7.7 | EPSS 0.01128
Exploits 1 | References 9 | Affected Software 4
SUSE Linux
added 2025/01/31 4:3 p.m. | 1 view

Security update for orc

This update for orc fixes the following issues: CVE-2024-40897: Fixed stack-based buffer overflow in the Orc compiler when formatting error messages for certain input files bsc1228184 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

CVSS 7 | AI score 7.8 | EPSS 0.00379
Exploits 0 | References 4
Ubuntu
added 2025/01/30 1:13 a.m. | 154 views

USN-7244-1: Jinja2 vulnerabilities

It was discovered that Jinja2 incorrectly handled certain filenames when compiling template content. An attacker could possibly use this issue to execute arbitrary code. CVE-2024-56201 It was discovered that Jinja2 incorrectly handled string formatting calls. An attacker could possibly use this...

CVSS 8.8 | AI score 7.5 | EPSS 0.005
Exploits 0
OSV
added 2025/01/30 1:13 a.m. | 2 views

USN-7244-1 jinja2 vulnerabilities

It was discovered that Jinja2 incorrectly handled certain filenames when compiling template content. An attacker could possibly use this issue to execute arbitrary code. CVE-2024-56201 It was discovered that Jinja2 incorrectly handled string formatting calls. An attacker could possibly use this...

CVSS 8.8 | AI score 7.2 | EPSS 0.005
Exploits 0 | References 3
OSV
added 2025/01/17 10:44 p.m. | 5 views

CLSA-2025-1737153872 vim: Fix of CVE-2023-0433

CVE-2023-0433: check for not going over the end of the line to fix reading past the end of a line when formatting text...

CVSS 7.8 | AI score 7.1 | EPSS 0.00555
Exploits 1 | References 1
RedHat Linux
added 2025/01/13 10:52 a.m. | 3 views

firefox: thunderbird: Use-after-free when breaking lines in text

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Assuming a controlled failed memory allocation, an attacker could have caused a use-after-free, leading to a potentially exploitable crash...

CVSS 5.3 | AI score 7.3 | EPSS 0.00797
Exploits 0 | References 8
Tenable Nessus
added 2024/12/23 12:0 a.m. | 12 views

Amazon Linux 2 : libxml2 (ALAS-2024-2717)

The version of libxml2 installed on the remote host is prior to 2.9.1-6. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2717 advisory. An issue was discovered in xmllint from libxml2 before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint...

CVSS 7.5 | AI score 7.1 | EPSS 0.02298
Exploits 1 | References 4
RedHat Linux
added 2024/12/11 4:19 p.m. | 2 views

kernel: s390/dasd: fix error recovery leading to data corruption on ESE devices

In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fix error recovery leading to data corruption on ESE devices. Extent Space Efficient (ESE) or thin provisioned volumes need to be formatted on demand during usual IO processing. The dasd_ese_needs_format function checks for...

CVSS 7.8 | AI score 6.5 | EPSS 0.00243
Exploits 0 | References 5
Tenable Nessus
added 2024/12/11 12:0 a.m. | 21 views

Amazon Linux 2023 : libxml2, libxml2-devel, libxml2-static (ALAS2023-2024-783)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-783 advisory. An issue was discovered in xmllint from libxml2 before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in...

CVSS 7.5 | AI score 7 | EPSS 0.02298
Exploits 1 | References 4
CNNVD
added 2024/11/29 12:0 a.m. | 3 views

Backdrop CMS security vulnerability

Backdrop CMS is a content management system CMS from Backdrop CMS open source. A security vulnerability exists in Backdrop CMS version 1.28.X prior to 1.28.4 and version 1.29.X prior to 1.29.2, which stems from a text formatting that allows the use of SVG markup, which makes it vulnerable to...

CVSS 6.1 | AI score 5.9 | EPSS 0.00283
Exploits 0 | References 1
CNNVD
added 2024/11/27 12:0 a.m. | 4 views

Zabbix format string error vulnerability

Zabbix is an open source monitoring system from Zabbix. The system supports network monitoring, server monitoring, cloud monitoring, and application monitoring. A Formatting String Error vulnerability exists in Zabbix versions 6.0.0 through 6.0.33, 6.4.0 through 6.4.18, and 7.0.0 through 7.0.3,...

CVSS 9.1 | AI score 8.7 | EPSS 0.00952
Exploits 0 | References 3
Spring Security Advisories
added 2024/11/19 12:0 a.m. | 39 views

This Week in Spring - November 19th, 2024

Hi, Spring fans! How are you? Can you believe we're already staring at the end of the month? It's that time of the year when we see new releases, and the new releases reflect that frenzy! Soon: Spring Boot 3.4.0! Are you updated? Make sure you're updated! Remember: Spring projects leave open sour...

CVSS 5.3 | AI score 6.8 | EPSS 0.00729
Exploits 0
F5 Networks
added 2024/11/05 11:43 p.m. | 22 views

K000148401: libxml2 vulnerability CVE-2024-34459

Security Advisory Description An issue was discovered in xmllint from libxml2 before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c. CVE-2024-34459 Impact There is no impact; F5 products ar...

CVSS 7.5 | AI score 6.8 | EPSS 0.02298
Exploits 1
Tenable Nessus
added 2024/10/27 12:0 a.m. | 12 views

EulerOS Virtualization 2.12.1 : libxml2 (EulerOS-SA-2024-2755)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An issue was discovered in xmllint from libxml2 before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint...

CVSS 7.5 | AI score 7 | EPSS 0.02298
Exploits 1 | References 2
Tenable Nessus
added 2024/10/27 12:0 a.m. | 8 views

EulerOS Virtualization 2.12.0 : libxml2 (EulerOS-SA-2024-2773)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An issue was discovered in xmllint from libxml2 before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint...

CVSS 7.5 | AI score 7 | EPSS 0.02298
Exploits 1 | References 2
CNNVD
added 2024/10/22 12:0 a.m. | 2 views

Zend Server format string error vulnerability

Zend Server is a complete and certified PHP distribution stack from Zend USA. A security vulnerability exists in Zend Server that stems from the inclusion of a formatting string injection issue...

CVSS 9.3 | AI score 7.2 | EPSS 0.00408
Exploits 0 | References 2
OSV
added 2024/10/12 11:9 a.m. | 2 views

OESA-2024-2243 fop security update

FOP Formatting Objects Processor is a print formatter driven by XSL formatting objects XSL-FO and an output independent formatter. It is a Java application that reads a formatting object FO tree and renders the resulting pages to a specified output. Output formats currently supported include PDF,...

CVSS 7.5 | AI score 6.9 | EPSS 0.01003
Exploits 0 | References 2