32 matches found
Authorization Bypass Through User-Controlled Key
Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key in the LFS object reuse process. An attacker can gain unauthorized access to private source objects by leveraging repository access without having the required Code-unit permissions...
CVE-2026-28740
Gitea versions up to and including 1.26.2 allow Git LFS object reuse to authorize private source objects for users who have repository access but lack Code-unit access...
Stack-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the bz2.BZ2Decompressor objects. An attacker can cause out-of-bounds writes to a stack buffer by reusing a decompressor object after a decompression error and providing crafted input. This can result in...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by the American company Google. Google Chrome has a resource management vulnerability, which stems from the reuse of objects released by InterestGroups...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by the American company Google. Google Chrome has a security vulnerability that stems from the reuse of objects after their release...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by the American company Google. Google Chrome has a security vulnerability that stems from the reuse of objects after their release...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by the American company Google. Google Chrome has a security vulnerability that stems from the reuse of objects after their release...
gitea -- multiple vulnerabilities
The Gitea team reports: CVE-2026-27783: incorrect read permission check CVE-2026-25714: public-only token filtering bypass CVE-2026-20706: missing token scope checking CVE-2026-27771: unauthenticated access to private container images CVE-2026-28744: git smart HTTP request scope bug CVE-2026-2869...
Apple多款产品 安全漏洞
Apple iOS and other products are owned by the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple macOS is a specialized operating system designed for Mac computers. Apple iPadOS is an operating system for iPad tablets. Several of Apple’s products have...
Apple多款产品 安全漏洞
Apple iOS, among others, are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple tvOS is an operating system for smart TVs. Apple watchOS is an operating system for smart watches. Several Apple products have security vulnerabilities; these...
PowerDNS DNSdist 安全漏洞
PowerDNS DNSdist is a proxy software provided by PowerDNS, which offers capabilities for DNS traffic load balancing and security protection. PowerDNS DNSdist has a security vulnerability that stems from the use of the DNSQuestion:getEDNSOptions method, where objects are reclaimed and reused,...
Apple多款产品 安全漏洞
Apple iOS, among others, are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple macOS is a specialized operating system designed for Mac computers. Apple iPadOS is an operating system for iPad tablets. Several of Apple’s products have...
EUVD-2014-9657
Malware in sbrugna...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the reuse of a working object after its release...
USN-7562-1 tomcat vulnerabilities
It was discovered that Tomcat did not include the secure attribute for session cookies when using the RemoteIpFilter with requests from a reverse proxy. An attacker could possibly use this issue to leak sensitive information. This issue was fixed for tomcat8 on Ubuntu 18.04 LTS and for tomcat9 on...
Security Bulletin: Vulnerabilities in Apache Tomcat affect watsonx.data
Summary Apache Tomcat is vulnerable to an unchecked error condition attack and to incorrect object re-cycling and re-use attack. These can affect watsonx.data. Vulnerability Details CVEID:CVE-2024-52316 DESCRIPTION: Unchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured...
Foxit PDF Reader 安全漏洞
Foxit PDF Reader is a PDF reader from the Chinese company Foxit. A security vulnerability exists in Foxit PDF Reader, which originates from a remote code execution vulnerability in the AcroForm Doc object reuse after release...
Linux kernel 资源管理错误漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a denial of service vulnerability that can be exploited by an attacker to cause mdev-addrs object to be reused and denied service after release...
CVE-2023-26495
An issue was discovered in Open Design Alliance Drawings SDK before 2024.1. A crafted DWG file can force the SDK to reuse an object that has been freed. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code...
SUSE CVE-2014-9852
distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors...