
155 matches found

SUSE CVE
added 2023/02/15 4:59 a.m. | 5 views

SUSE CVE-2016-6323

The makecontext function in the GNU C Library aka glibc or libc6 before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI 32-bit platforms, which might allow context-dependent attackers to cause a denial of service hang, as demonstrated by applications compiled using gccg...

7.5 CVSS | 8.8 AI score | 0.03841 EPSS
Exploits 0 | References 3

SUSE CVE
added 2023/02/15 4:36 a.m. | 2 views

SUSE CVE-2017-17913

In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to an incompatibility with libwebp versions, 0.5.0 and later, that use a different structure type...

8.8 CVSS | 7.2 AI score | 0.01606 EPSS
Exploits 0 | References 4

OSV
added 2023/01/24 12:0 p.m. | 10 views

RUSTSEC-2023-0028 buf_redux is Unmaintained

Last release was over three years ago. The maintainers have been unreachable to respond to any issues that may or may not include security issues. The repository is now archived and there is no security policy in place to contact the maintainers otherwise. The safety-undocumented unsafe in the...

7.3 AI score
Exploits 0 | References 3

RustSec
added 2023/01/24 12:0 p.m. | 26 views

buf_redux is Unmaintained

Last release was over three years ago. The maintainers have been unreachable to respond to any issues that may or may not include security issues. The repository is now archived and there is no security policy in place to contact the maintainers otherwise. The safety-undocumented unsafe in the...

6.7 AI score
Exploits 0

BDU FSTEC
added 2022/12/22 12:0 a.m. | 7 views

The vulnerability of the EAP-pwd client implementation for Wi-Fi WPA Supplicant allows information disclosure due to incompatibility, enabling attackers to expose sensitive information.

The vulnerability of the EAP-pwd client implementation for Wi-Fi WPA Supplicant is related to the disclosure of information due to incompatibility. This vulnerability allows a malicious actor to disclose the protected information remotely...

10 CVSS | 7.4 AI score | 0.01903 EPSS
Exploits 0 | References 16 | Affected Software 11

BDU FSTEC
added 2022/12/22 12:0 a.m. | 6 views

The vulnerability of the SAE implementation for secure Wi-Fi access control software, WPA Supplicant, arises from information disclosure due to incompatibility. This allows attackers to expose the protected information.

The vulnerability of the SAE implementation for the Wi-Fi Protected Access Point’s WPA Supplicant is related to the disclosure of information due to incompatibility. This vulnerability allows a malicious actor to disclose the protected information remotely...

10 CVSS | 7.4 AI score | 0.02944 EPSS
Exploits 0 | References 16 | Affected Software 11

BDU FSTEC
added 2022/12/02 12:0 a.m. | 5 views

The vulnerability of the TLS implementation in Cisco Firepower Threat Defense’s microprogramming network interface devices allows attackers to gain unauthorized access to protected information.

The vulnerability of the TLS implementation in Cisco Firepower Threat Defense’s microprogramming network interface controllers is related to the disclosure of information due to incompatibility. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access...

5.3 CVSS | 5.9 AI score | 0.00646 EPSS
Exploits 0 | References 3 | Affected Software 1

Prion
added 2022/10/27 4:15 p.m. | 22 views

Design/Logic Flaw

The implementation of backslash parsing in the Dart URI class for versions prior to 2.18 and Flutter versions prior to 3.30 differs from the WhatWG URL standards. Dart uses the RFC 3986 syntax, which creates incompatibilities with the '\' characters in URIs, which can lead to auth bypass in webapp...

7.5 CVSS | 9.4 AI score | 0.00867 EPSS
Exploits 0 | References 1 | Affected Software 2

BDU FSTEC
added 2022/08/22 12:0 a.m. | 6 views

The vulnerability of Intel microprogramming software, related to the disclosure of information through incompatibility, allows attackers to disclose protected information.

The vulnerability of Intel microprogramming software is related to the disclosure of information through incompatibility. Exploiting this vulnerability can allow an intruder to disclose the protected information...

5.5 CVSS | 5.9 AI score | 0.0024 EPSS
Exploits 0 | References 3

Code423n4
added 2022/06/26 12:0 a.m. | 7 views

Upgraded Q -> H from 104 [1656255316696]

Judge has assessed an item in Issue 104 as High risk. The relevant finding follows: L02: Incompatibility with ERC-4626 Line References Description The EIP-4626 specification requires that totalAssets to NOT revert, but the current implementation does so in the underlying methods: int256...

7 AI score
Exploits 0

Fedora
added 2022/06/20 12:41 a.m. | 38 views

[SECURITY] Fedora 36 Update: python2.7-2.7.18-22.fc36

Python 2 is an old version of the language that is incompatible with the 3.x line of releases. The language is mostly the same, but many details, especially how built-in objects like dictionaries and strings work, have changed considerably, and a lot of deprecated features have finally been...

7.6 CVSS | 8.1 AI score | 0.07017 EPSS
Exploits 1

OSV
added 2022/01/16 12:0 a.m. | 29 views

GHSA-7MHC-PRGV-R3Q4 Access of Resource Using Incompatible Type in Hermes

By passing invalid javascript code where await and yield were called upon non-async and non-generator getter/setter functions, Hermes would invoke generator functions and error out on invalid await/yield positions. This could result in segmentation fault as a consequence of type confusion error,...

9.8 CVSS | 9.5 AI score | 0.0126 EPSS
Exploits 0 | References 3

OSV
added 2021/11/03 1:57 p.m. | 9 views

SUSE-SU-2021:3602-1 Security update for tomcat

This update for tomcat, javapackages-tools fixes the following issue: Security issue fixed: - CVE-2021-30640: Escape parameters in JNDI Realm queries bsc1188279. - CVE-2021-33037: Process T-E header from both HTTP 1.0 and HTTP 1.1. clients bsc1188278. - CVE-2021-41079: Fixed a denial of service...

7.5 CVSS | 6.3 AI score | 0.75353 EPSS
Exploits 1 | References 8

BDU FSTEC
added 2021/11/02 12:0 a.m. | 2 views

The vulnerability of the SysController and MailHandlerController components of the Redmine project and task management web application, related to the disclosure of information due to incompatibility, allows a hacker to gain access to confidential data.

The vulnerability of the SysController and MailHandlerController components in the Redmine project and task management web application is related to changes in the time required for string comparison operations. Exploiting this vulnerability could allow a malicious actor to gain access to...

5.3 CVSS | 5.9 AI score | 0.01215 EPSS
Exploits 0 | References 8 | Affected Software 3

Debian
added 2021/10/15 12:36 a.m. | 11 views

RM: calibre/buster-backports -- ROM; no security support; bpo10s of a newer version are impossible

Dear Backports admins, I am requesting the removal of calibre from buster-backports, because it has no security support and because newer versions of Calibre depend on a newer Qt version that cannot be backported. I delayed this request until Bullseye was released, so that users would have a...

1.8 AI score
Exploits 0

BDU FSTEC
added 2021/10/05 12:0 a.m. | 4 views

The vulnerability of the Linux operating system’s kernel, related to information disclosure through discrepancies, allows attackers to read a portion of the kernel’s memory.

The vulnerability of the Linux operating system’s kernel is related to the exposure of information through incompatibility. Exploiting this vulnerability allows an attacker to read a portion of the kernel’s memory...

5.5 CVSS | 6.5 AI score | 0.00419 EPSS
Exploits 2 | References 29 | Affected Software 7

BDU FSTEC
added 2021/10/05 12:0 a.m. | 5 views

The vulnerability of the Linux operating system’s kernel, related to the exposure of information through inconsistencies, allows attackers to obtain confidential information.

The vulnerability of the Linux operating system’s kernel is related to the exposure of information through incompatibility. Exploiting this vulnerability can allow an attacker to obtain confidential information...

5.5 CVSS | 6.5 AI score | 0.0046 EPSS
Exploits 0 | References 30 | Affected Software 7

BDU FSTEC
added 2021/07/06 12:0 a.m. | 5 views

The vulnerability of Intel microprogramming software, related to the disclosure of information through incompatibility, allows attackers to disclose protected information.

The vulnerability of Intel microprogramming software is related to the disclosure of information through incompatibility. Exploiting this vulnerability can allow an attacker to disclose the protected information...

3.3 CVSS | 6.1 AI score | 0.00383 EPSS
Exploits 0 | References 8 | Affected Software 4

Code423n4
added 2021/05/19 12:0 a.m. | 6 views

Incompatibility with deflationary / fee-on-transfer tokens

Handle cmichel Vulnerability details Vulnerability Details The DInterest.deposit function takes a depositAmount parameter but this parameter is not the actual transferred amount for fee-on-transfer / deflationary or other rebasing tokens. Impact The actual deposited amount might be lower than the...

6.9 AI score
Exploits 0

OpenVAS
added 2021/04/19 12:0 a.m. | 25 views

SUSE: Security Advisory (SUSE-SU-2017:2616-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8 CVSS | 7 AI score | 0.93307 EPSS
Exploits 33 | References 14