109 matches found
Design/Logic Flaw
The ParseAddressList function incorrectly handles comments text within parentheses within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers...
CVE-2024-24784
The ParseAddressList function incorrectly handles comments text within parentheses within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers...
GO-2024-2609 Comments in display names are incorrectly handled in net/mail
The ParseAddressList function incorrectly handles comments text within parentheses within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers...
CVE-2021-46976
In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix crash in autoretire The retire logic uses the 2 lower bits of the pointer to the retire function to store flags. However, the autoretire function is not guaranteed to be aligned to a multiple of 4, which causes...
AI Decides to Engage in Insider Trading
A stock-trading AI a simulated experiment engaged in insider trading, even though it "knew" it was wrong. The agent is put under pressure in three ways. First, it receives a email from its "manager" that the company is not doing well and needs better performance in the next quarter. Second, the...
SUSE CVE-2021-28704
PoD operations on misaligned GFNs This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. x86 HVM and PVH guests may be started in populate-on-demand PoD mode, to provide a way for them to later easily have more memory assigne...
SUSE CVE-2021-28708
PoD operations on misaligned GFNs This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. x86 HVM and PVH guests may be started in populate-on-demand PoD mode, to provide a way for them to later easily have more memory assigne...
RUSTSEC-2022-0094 Mimalloc Can Allocate Memory with Bad Alignment
This crate depended on a promise regarding alignments made by the author of the mimalloc allocator to avoid using aligned allocation functions where possible for performance reasons. Since then, the mimalloc allocator's logic changed, making it break this promise. This caused this crate to return...
Why Organizations Struggle with Patch Management (and What to Do about It)
The cybersecurity attack surface continues to grow exponentially. Modern technologies are being deployed on-premises and in the cloud as part of digital transformation journeys. Meanwhile, the current practice of identifying, classifying, prioritizing, and remediating vulnerabilities has become...
UBUNTU-CVE-2022-36319
When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed. This vulnerability affects Firefox ESR 102.1, Firefox ESR 91.12, Firefox 103, Thunderbird 102.1, and Thunderbird 91.12...
SUSE-SU-2022:2301-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues: - CVE-2022-32545: Fixed an outside the range of representable values of type. bsc1200388 - CVE-2022-32546: Fixed an outside the range of representable values of type. bsc1200389 - CVE-2022-32547: Fixed a load of misaligned address at...
CVE-2022-32547
In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application...
DEBIAN-CVE-2022-32547
In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application...
Design/Logic Flaw
In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application...
CVE-2022-23639
crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u64 on a...
CVE-2021-28708
PoD operations on misaligned GFNs This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. x86 HVM and PVH guests may be started in populate-on-demand PoD mode, to provide a way for them to later easily have more memory assigne...
PT-2024-11085 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel version 5.4.105-13595-g3cd84167b2df Description: The retire logic in the Linux kernel's drm/i915 module uses the 2 lower bits of the pointer to the retire function to store flags. However, the auto retire function is not guarante...
Chunk API does not respect align requirement
Chunk API does not respect the align requirement of types. Unaligned reference can be created with the API, which is an undefined behavior...
ImageMagick stack buffer overflow vulnerability (CNVD-2019-29232)
ImageMagick Studio ImageMagick is the United States ImageMagick Studio company's set of open source image processing software. A stack buffer overflow vulnerability exists in WritePNMImage in coders/pnm.c in ImageMagick 7.0.8-50 Q16. The vulnerability stems from a strncpy misalignment and the...
Denial Of Service (DoS)
Linux Kernel is vulnerable to denial of service DoS attacks. This occurs when an application punches a hole in a file that doesn't end aligned to a page boundary. A non-privileged user could mount a fuse filesystem on RHEL causing an application crash...