10 matches found

AstraLinux
added 2026/05/20 5:53 a.m. · 1 view

Astra Linux - vulnerability in libfcgi

FastCGI's fcgi2, also known as fcgi, versions from 2.2 through 2.4.4 have an integer overflow vulnerability, which can lead to a heap-based buffer overflow when crafted nameLen or valueLen values are passed to the IPC socket. This issue occurs in the ReadParams function in the fcgiapp.c file...

CVSS 9.3 · AI score 7.5 · EPSS 0.00135
Exploits 0 · References 2

RedHat Linux
added 2024/08/20 8:33 p.m. · 1 view

python-pillow: buffer overflow in _imagingcms.c

A flaw was found in Pillow. The cmstransformnew function in src/_imagingcms.c does not validate the length of its parameters before copying them into fixed-size buffers, leading to a buffer overflow, resulting in a denial of service...

CVSS 6.7 · AI score 7.5 · EPSS 0.00354
Exploits 0 · References 4

RedHat Linux
added 2024/07/02 3:26 p.m. · 8 views

python-pillow: buffer overflow in _imagingcms.c

A flaw was found in Pillow. The cmstransformnew function in src/_imagingcms.c does not validate the length of its parameters before copying them into fixed-size buffers, leading to a buffer overflow, resulting in a denial of service...

CVSS 6.7 · AI score 7.5 · EPSS 0.00354
Exploits 0 · References 4

ATTACKERKB
added 2023/12/12 12:15 p.m. · 0 views

CVE-2023-48429

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The Web UI of affected devices does not check the length of parameters in certain conditions. This allows a malicious admin to crash the server by sending a crafted request to the server. The server will automaticall...

CVSS 2.7 · AI score 5.8 · EPSS 0.00118
Exploits 0 · References 2

Positive Technologies
added 2023/12/12 12:0 a.m. · 3 views

PT-2023-30849 · Siemens · Sinec Ins

Name of the Vulnerable Software and Affected Versions: SINEC INS versions prior to V1.0 SP2 Update 2
Description: A vulnerability has been identified in the REST API of affected devices, where it does not check the length of parameters in certain conditions. This allows a malicious admin to crash...

CVSS 2.7 · AI score 3.5 · EPSS 0.00102
Exploits 0 · References 4

Ubuntu
added 2021/05/25 7:2 p.m. · 140 views

USN-4966-2: libx11 vulnerability

USN-4966-1 fixed a vulnerability in libx11. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that libx11 incorrectly validated certain parameter lengths. A remote attacker could possibly use this issue to trick...

CVSS 9.8 · AI score 7.5 · EPSS 0.05481
Exploits 2

OSV
added 2021/05/25 5:0 p.m. · 0 views

USN-4966-1 libx11 vulnerability

It was discovered that libx11 incorrectly validated certain parameter lengths. A remote attacker could possibly use this issue to trick libx11 into emitting extra X protocol requests...

CVSS 9.8 · AI score 6.9 · EPSS 0.05481
Exploits 2 · References 2

Ubuntu
added 2021/05/25 5:0 p.m. · 238 views

USN-4966-1: libx11 vulnerability

It was discovered that libx11 incorrectly validated certain parameter lengths. A remote attacker could possibly use this issue to trick libx11 into emitting extra X protocol requests...

CVSS 9.8 · AI score 7.5 · EPSS 0.05481
Exploits 2

OSV
added 2020/11/10 4:15 p.m. · 1 view

CVE-2020-12485

The frame touch module does not make validity judgments on parameter lengths when processing specific parameters, which causes out-of-bounds memory access. The vulnerability eventually leads to a local DoS on the device...

CVSS 5.5 · AI score 6 · EPSS 0.00045
Exploits 0 · References 1

Cvelist
added 2020/11/10 3:31 p.m. · 10 views

CVE-2020-12485

The frame touch module does not make validity judgments on parameter lengths when processing specific parameters, which causes out-of-bounds memory access. The vulnerability eventually leads to a local DoS on the device...

CVSS 5.5 · AI score 5.4 · EPSS 0.00045
Exploits 0 · References 1