25 matches found
TencentOS Server 4: rust (TSSA-2026:0559)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0559 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
ruby: ReDoS vulnerability in Time
A flaw was found in the Time gem and Time library of Ruby. The Time parser mishandles invalid strings with specific characters and causes an increase in execution time for parsing strings to Time objects. This issue may result in a Regular expression denial of service ReDoS...
Amazon Linux 2023 : cargo, clippy, rust (ALAS2023-2026-1568)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1568 advisory. A flaw in the gix-date library can generate invalid non-UTF8 strings, leading to undefined behavior when processed. The most likely impact from a successful attack is to data integrity, by the...
ruby: ReDoS vulnerability in Time
A flaw was found in the Time gem and Time library of Ruby. The Time parser mishandles invalid strings with specific characters and causes an increase in execution time for parsing strings to Time objects. This issue may result in a Regular expression denial of service ReDoS...
ruby: ReDoS vulnerability in Time
A flaw was found in the Time gem and Time library of Ruby. The Time parser mishandles invalid strings with specific characters and causes an increase in execution time for parsing strings to Time objects. This issue may result in a Regular expression denial of service ReDoS...
CVE-2026-0810 Gix-date: gix-date: undefined behavior due to invalid string generation
A flaw was found in gix-date. The gixdate::parse::TimeBuf::asstr function can generate strings containing invalid non-UTF8 characters. This issue violates the internal safety invariants of the TimeBuf component, leading to undefined behavior when these malformed strings are subsequently processed...
CLSA-2025-1767000167 php: Fix of CVE-2025-1735
CVE-2025-1735: add error checks to prevent crashes and improperly escaped data when PostgreSQL rejects invalid strings...
EUVD-2007-2718
Malware in sbrugna...
EUVD-2020-28199
Malware in sbrugna...
EUVD-2011-2702
Malware in sbrugna...
CVE-2020-27840
...
UBUNTU-CVE-2024-42236
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: configfs: Prevent OOB read/write in usbstringcopy Userspace provided string 's' could trivially have the length zero. Left unchecked this will firstly result in an OOB read in the form if str0 - 1 == '\n' followed...
ruby: ReDoS vulnerability in Time
A flaw was found in the Time gem and Time library of Ruby. The Time parser mishandles invalid strings with specific characters and causes an increase in execution time for parsing strings to Time objects. This issue may result in a Regular expression denial of service ReDoS...
ruby: ReDoS vulnerability in Time
A flaw was found in the Time gem and Time library of Ruby. The Time parser mishandles invalid strings with specific characters and causes an increase in execution time for parsing strings to Time objects. This issue may result in a Regular expression denial of service ReDoS...
ruby: ReDoS vulnerability in Time
A flaw was found in the Time gem and Time library of Ruby. The Time parser mishandles invalid strings with specific characters and causes an increase in execution time for parsing strings to Time objects. This issue may result in a Regular expression denial of service ReDoS...
ruby: ReDoS vulnerability in Time
A flaw was found in the Time gem and Time library of Ruby. The Time parser mishandles invalid strings with specific characters and causes an increase in execution time for parsing strings to Time objects. This issue may result in a Regular expression denial of service ReDoS...
ruby: ReDoS vulnerability in Time
A flaw was found in the Time gem and Time library of Ruby. The Time parser mishandles invalid strings with specific characters and causes an increase in execution time for parsing strings to Time objects. This issue may result in a Regular expression denial of service ReDoS...
SUSE CVE-2019-1010238
Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pangolog2visgetembeddinglevels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when...
Memory corruption
PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which are then misparsed by libxml2. This results in memory leak into the resulting output...
USN-3407-1 pyjwt vulnerability
It was discovered that a vulnerability in PyJWT doesn't check invalidstrings properly for some public keys. A remote attacker could take advantage of a key confusion to craft JWTs from scratch...