721 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-49471
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rtw89: cfo: check macid to avoid out-of-bounds Somehow, hardware reports incorrect macid and pollute memory. Check index before we access the array. UBSAN:...
CVE-2024-53014 Improper Validation of Array Index in Audio
Memory corruption may occur while validating ports and channels in Audio driver...
CVE-2022-49471 rtw89: cfo: check mac_id to avoid out-of-bounds
In the Linux kernel, the following vulnerability has been resolved: rtw89: cfo: check macid to avoid out-of-bounds Somehow, hardware reports incorrect macid and pollute memory. Check index before we access the array. UBSAN: array-index-out-of-bounds in rtw89/phy.c:2517:23 index 188 is out of rang...
CVE-2024-56596 jfs: fix array-index-out-of-bounds in jfs_readdir
In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds in jfsreaddir The stbl might contain some invalid values. Added a check to return error code in that case...
kernel: wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter()
A possible array out-of-bounds read flaw was found in the Linux kernel. This issue may lead to a crash...
tpm2-tss: Buffer Overlow in TSS2_RC_Decode
A flaw was found in tpm2-tss, which is an open source software implementation of the Trusted Computing Group TCG Trusted Platform Module TPM 2 Software Stack TSS2. In affected versions, Tss2RCSetHandler and Tss2RCDecode index into the layerhandler with an 8-bit layer number, but the array only ha...
RHEL 5 : libxxf86vm (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libXxf86vm: Multiple Array Index error leading to heap-based OOB write CVE-2013-2001 Note that Nessus has not teste...
RHEL 6 : transfig (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - transfig: Buffer underwrite in read.c:getline via crafted FIG file CVE-2018-16140 - An array index error ...
RHEL 5 : libxxf86dga (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libXxf86dga: Array Index error leading to heap-based OOB write CVE-2013-2000 - Multiple integer overflows...
RHEL 5 : libxt (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libXt: Array Index error leading to heap-based OOB write CVE-2013-2002 - libXt: Memory corruption due to...
RHEL 5 : libxi (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libXi: Multiple Array Index error leading to heap-based OOB write CVE-2013-1998 - libXi: Insufficient...
RHEL 7 : transfig (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - transfig: Buffer underwrite in read.c:getline via crafted FIG file CVE-2018-16140 - An array index error ...
Campcodes Complete Web-Based School Management System SQL注入漏洞
Campcodes Complete Web-Based School Management System is a web-based school management system from Campcodes, Inc. An SQL injection vulnerability exists in the Complete Web-Based School Management System version 1.0, which stems from an incorrect operation of the parameter index that can lead to...
RHEL 7 : transfig (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - transfig: Buffer underwrite in read.c:getline via crafted FIG file CVE-2018-16140 - An array index error ...
RHEL 6 : transfig (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - transfig: Buffer underwrite in read.c:getline via crafted FIG file CVE-2018-16140 - An array index error ...
RHEL 5 : transfig (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - transfig: Buffer underwrite in read.c:getline via crafted FIG file CVE-2018-16140 - An array index error ...
wolfSSL Array Index Validation Error Vulnerability
wolfSSL CyaSSL is the United States wolfSSL company for embedded systems developers to use a small, portable embedded SSL programming library. An array index validation error vulnerability exists in wolfSSL version 5.6.3, which stems from failure to properly handle incoming error messages, and ca...
wolfSSL 安全漏洞
wolfSSL CyaSSL is the United States wolfSSL company for embedded systems developers to use a small, portable embedded SSL programming library. An array index validation error vulnerability exists in wolfSSL version 5.6.3, which stems from failure to properly handle incoming error messages, and ca...
CVE-2021-46984
In the Linux kernel, the following vulnerability has been resolved: kyber: fix out of bounds access when preempted blkmqschedbiomerge gets the ctx and hctx for the current CPU and passes the hctx to -biomerge. kyberbiomerge then gets the ctx for the current CPU again and uses that to get the...
CVE-2023-36308
disintegration Imaging 1.6.2 allows attackers to cause a panic because of an integer index out of range during a Grayscale call via a crafted TIFF file to the scan function of scanner.go. NOTE: it is unclear whether there are common use cases in which this panic could have any security consequenc...